Hello,
Same problem here in a up-to-date Debian stable (5.0.4 with all security
fixes, etc).
I surfed the web googling for more info and I could hear about the same
problem reported in different forums, etc (there are several bug-ids in
Debian bug-tracking system, for instance). It's not clear whether the
problem is caused by saslauthd, libpam or any of the pam modules
(pam-mysql, mainly). But it's clear that "something" is leaking memory.
Only workaround I've found was to restart saslauthd service periodically
(via cron). There is another workaround ("-n 0" switch) which I didn't
test, since it would be not acceptable (IMHO) due to performance problems.
This bug can be abused to cause a DoS (server crash due to be out of
memory), so it has a security impact.
Bug reports if this bug arise from 2006 or earlier; incredibly it's NOT
fixed yet (we're in 2010!).
Cheers,
-Roman
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
