PAM authentication plugin for MySQL, Percona Server and MariaDB

PAM-mapped user name saved to a wrong field

Reported by Laurynas Biveinis on 2011-10-23
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
percona-pam-for-mysql
High
Laurynas Biveinis

Bug Description

The PAM stack may decide to map a given user name to some other user name. In that case pam_get_item(..., PAM_USER, ...) will return the mapped user name that is different from MYSQL_SERVER_AUTH_INFO::user_name.

The current code the copies that value to MYSQL_SERVER_AUTH_INFO::external_user field, which is incorrect. It shold copy it to the authenticated_as field, so that the mapped user name is checked against MySQL user table for privileges.

Changed in percona-pam-for-mysql:
status: New → In Progress
importance: Undecided → High
assignee: nobody → Laurynas Biveinis (laurynas-biveinis)
milestone: none → percona-pam-preview
Changed in percona-pam-for-mysql:
status: In Progress → Fix Committed
Changed in percona-pam-for-mysql:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers