Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 54297 - Issue with pam_listfile.so when given bad parameter?
Issue with pam_listfile.so when given bad parameter?
Product: Red Hat Linux
Classification: Retired
Component: pam (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Aaron Brown
Depends On:
  Show dependency treegraph
Reported: 2001-10-03 15:21 EDT by Kambiz Aghaiepour
Modified: 2007-04-18 12:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-10-03 15:21:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Kambiz Aghaiepour 2001-10-03 15:21:40 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.3-12 i686)

Description of problem:
Bad config file parameter to pam_listfile.so, specifically space after
"file=" parameter, causes application SEGV.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.  Installed vsftpd
2.  In /etc/pam.d/ftp, have the auth line:
   auth  required  /lib/security/pam_listfile.so item=user sense=deny file=
/etc/ftpusers onerr=succeed

(notice the <SPACE> after "file=")

3.  ftp to server and try anonymous ftp


Additional info:

I'm not sure if this is a problem in vsftpd or in pam_listfile.  I also
have not tried this in 7.x series.  Let me know if you'd like me to.
Comment 1 Nalin Dahyabhai 2002-03-07 19:23:58 EST
This should be one of the bugs fixed in the current errata release for RHL 7.2,
so I'm marking this as fixed in the current release.  Because you'd have to
configure it incorrectly to cause it to crash, I don't think it warrants an
erratum at this time.

Note You need to log in before you can comment on or make changes to this bug.