6 Jan
2005
6 Jan
'05
19:07
On Thu, Jan 06, 2005 at 03:35:02PM -0300, Mauricio Bahamonde wrote:
Hi, I'm running SuSe 9.2 and I have a user account in which I run KDE 3.4 CVS HEAD. I have discovered a serious security flaw probably related to a bug in Yast2 system:/ kioslave. If you go to system:/ on Konqueror -> Settings -> Yast2 Modules, and try to change anything, it doesn't asks you for a password , so any user can do modifications the system without having the root password at all. Please check http://bugs.kde.org/show_bug.cgi?id=96146 for more information on this bug.
The please check the bug again, several comments have been added. Ciao, Marcus