Your message dated Sun, 1 Jun 2008 06:03:40 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#464706: squid: digest_pw_auth dies when digest_pw
unreadable, no error message
has caused the Debian Bug report #464706,
regarding squid: digest_pw_auth dies when digest_pw unreadable, no error message
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
464706: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464706
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: squid
Version: 2.6.5-6etch1
Severity: normal
In an effort to increase security by not letting local users gather cleartext
passwords from /etc/digest_pw, I changed modes to 600 making the file
readable for root only. I forgot that squid is running as "proxy," so this
user couldn't read the file anymore (because the file was owned by root.)
This, in consequence, caused digest_pw_auth to crash as soon as someone
tried to login and use Squid. I had expected a proper check whether the file
is readable or not, and a respective warning in case it's unreadable, but
instead digest_pw_auth crashes as follows:
>kernel: digest_pw_auth[13592]: segfault at 0000000000000000 rip
>00002b7b2bb25df4 rsp 00007fff7f6e2c30 error 4
>squid[13507]: WARNING: digestauthenticator #3 (FD 13) exited
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (990, 'stable'), (650, 'testing')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-amd64
Locale: LANG=en_US.ISO-8859-15, LC_CTYPE=en_US.ISO-8859-15 (charmap=ISO-8859-15)
Versions of packages squid depends on:
ii adduser 3.102 Add and remove users and groups
ii coreutils 5.97-5.3 The GNU core utilities
ii debconf [debconf-2.0] 1.5.11etch1 Debian configuration management sy
ii libc6 2.3.6.ds1-13etch4 GNU C Library: Shared libraries
ii libdb4.4 4.4.20-8 Berkeley v4.4 Database Libraries [
ii libldap2 2.1.30-13.3 OpenLDAP libraries
ii libpam0g 0.79-5 Pluggable Authentication Modules l
ii logrotate 3.7.1-3 Log rotation utility
ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init scrip
ii netbase 4.29 Basic TCP/IP networking system
ii squid-common 2.6.5-6etch1 Internet Object Cache (WWW proxy c
squid recommends no packages.
-- debconf information:
squid/fix_cachedir_perms: false
squid/largefiles_warning:
squid/anonymize_headers:
squid/authenticate_program:
squid-cgi/cachemgr:
squid/fix_lines: true
squid/old_version: false
squid/http_anonymizer:
--- End Message ---
--- Begin Message ---
I'm closing this bug since I received no answer to my last mail in two
months.
If you wish this bug to be forwarded upstream, please reopen it with
wishlist priority.
Regards,
L
--
Luigi Gangitano -- <[EMAIL PROTECTED]> -- <[EMAIL PROTECTED]>
GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26
--- End Message ---
