Successfully authenticating with PAM may lead to a double free() crash #272
Labels
auth: Related to authentication providers
bug: Something isn't working.
release-blocker: Critical problem that should not go as a "known issue" into any release
Milestone
Note: Technically, auth.pam and auth.shadow have not been usable since 0.1, since authentication was changed to be keyed on email addresses. 0.5 will unbreak these modules by adding the auth_map directive for imapsql.
Description
When the auth.pam module is used without a helper executable (maddy is compiled with the "libpam" build tag), a double free() crash can occur after successful authentication in some scenarios (see below).
Steps to reproduce
I managed to find this issue while testing what is realistically an invalid configuration: authentication with pam_unix.so with the credentials of the user the server is running under. Running maddy as root seems to fix that issue (which is also how it is intended to be used in this case).
However, it is unknown whether the same bug can manifest itself in other PAM configurations e.g. pam_ldap or something.
Environment information
maddy commit baccd561aed7e301539cf92099c3c39e761a6219.
linux/amd64 go1.15.2