Yast system:/ kioslave security flaw?
Hi, I'm running SuSE 9.2 and I have a user account in which I run KDE 3.4 CVS HEAD. I have discovered a serious security flaw, probably related to a bug in the Yast2 system:/ kioslave. If you go to system:/ in Konqueror -> Settings -> Yast2 Modules and try to change anything, it doesn't ask you for a password, so any user can make modifications to the system without having the root password at all. Please check http://bugs.kde.org/show_bug.cgi?id=96146 for more information on this bug.

Greetings,
-- 
Mauricio Bahamonde <elkrammer@kde.cl>
We must learn our limits. We are all something, but none of us are everything. -- Blaise Pascal
On Thu, Jan 06, 2005 at 03:35:02PM -0300, Mauricio Bahamonde wrote:
> Hi, I'm running SuSE 9.2 and I have a user account in which I run KDE 3.4 CVS HEAD. I have discovered a serious security flaw, probably related to a bug in the Yast2 system:/ kioslave. If you go to system:/ in Konqueror -> Settings -> Yast2 Modules and try to change anything, it doesn't ask you for a password, so any user can make modifications to the system without having the root password at all. Please check http://bugs.kde.org/show_bug.cgi?id=96146 for more information on this bug.

Then please check the bug again, several comments have been added.

Ciao, Marcus
On Thursday 06 January 2005 16:07, Marcus Meissner wrote:
> Then please check the bug again, several comments have been added.
>
> Ciao, Marcus

Hi, I just read your comment that said: "it might look like if you have root access, but there is nothing that provides an automatic privilege escalation. can you write/change any configuration setting? or is just the GUI active as if in root mode?"

I just tried this and you are correct. I can't change any setting, because it's running as a normal user. However, I guess it should ask for a password anyway, because any operation that requires root access fails.

Greetings,
-- 
Mauricio Bahamonde <elkrammer@kde.cl>
The difference between Stupidity and Genius is that Genius has its limits. -- Anonymous
On Thu, Jan 06, 2005 at 04:20:03PM -0300, Mauricio Bahamonde wrote:
> On Thursday 06 January 2005 16:07, Marcus Meissner wrote:
> > Then please check the bug again, several comments have been added.
> >
> > Ciao, Marcus
>
> Hi, I just read your comment that said: "it might look like if you have root access, but there is nothing that provides an automatic privilege escalation. can you write/change any configuration setting? or is just the GUI active as if in root mode?"
>
> I just tried this and you are correct. I can't change any setting, because it's running as a normal user. However, I guess it should ask for a password anyway, because any operation that requires root access fails.

The RPMs shipped with 9.2 make that clear... Somehow our prefix dialog is not shown with newer KDE RPMs and the system:// URL.

Ciao, Marcus
On Thursday 06 January 2005 16:50, Marcus Meissner wrote:
> The RPMs shipped with 9.2 make that clear... Somehow our prefix dialog is not shown with newer KDE RPMs and the system:// URL.

I'm not using SuSE KDE RPMs for my daily use (I use compiled KDE CVS HEAD), so I think this should be fixed internally in Yast, so that every time it's called through the kioslave, it asks for the root password. What do you say?

Greetings,
-- 
Mauricio Bahamonde <elkrammer@kde.cl>
How is education supposed to make me feel smarter? Besides, every time I learn something new, it pushes some old stuff out of my brain. Remember when I took that home winemaking course, and I forgot how to drive? -- Homer Simpson
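The behaviour the thread converges on (decide up front whether the effective user can actually change the configuration behind a module, and if not, require elevation or show it read-only rather than presenting an editable GUI whose operations then fail one by one), as an added example in Python. This is not code from the KDE or YaST projects; the config paths and their ownership metadata are constructed, and `gate_module` / `can_write` are hypothetical names chosen for the illustration.

```python
"""Fail-closed privilege gating for a configuration front-end (added example).

Before a front-end shows a system configuration module as editable, it should
check whether the effective user can write the files behind it.  The check
below applies the standard Unix discretionary-access rules to file metadata
so the decision is made once, up front, instead of failing late per operation.
"""
import os
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class FileOwnership:
    mode: int  # st_mode bits as returned by os.stat
    uid: int
    gid: int


def can_write(euid: int, groups: frozenset, f: FileOwnership) -> bool:
    """Unix DAC write check: root always wins; otherwise exactly one of the
    owner, group or other permission classes applies, in that order."""
    if euid == 0:
        return True
    if f.uid == euid:
        return bool(f.mode & stat.S_IWUSR)
    if f.gid in groups:
        return bool(f.mode & stat.S_IWGRP)
    return bool(f.mode & stat.S_IWOTH)


def gate_module(euid: int, groups: frozenset, targets: dict) -> dict:
    """Return the per-file writability and an overall decision for a module:
    'editable' only if every target is writable, else 'needs_elevation'.
    The front-end should prompt for credentials (or show read-only) in the
    second case instead of rendering the module as if it were in root mode."""
    per_file = {path: can_write(euid, groups, own) for path, own in targets.items()}
    decision = "editable" if all(per_file.values()) else "needs_elevation"
    return {"decision": decision, "files": per_file}


def ownership_of(path: str) -> FileOwnership:
    """Read real metadata for a path (used when running against a live system)."""
    st = os.stat(path)
    return FileOwnership(st.st_mode, st.st_uid, st.st_gid)


def current_identity():
    """Effective uid plus the full group set, as the kernel would evaluate it."""
    return os.geteuid(), frozenset(os.getgroups()) | {os.getegid()}


# Constructed sample: metadata typical of root-owned configuration files.
SAMPLE_TARGETS = {
    "/etc/example/network.conf": FileOwnership(0o100644, 0, 0),   # root:root rw-r--r--
    "/etc/example/users.conf": FileOwnership(0o100640, 0, 15),    # root:shadow rw-r-----
}

if __name__ == "__main__":
    # An ordinary user and root, evaluated against the same module.
    for uid, grp in ((1000, frozenset({100})), (0, frozenset({0}))):
        print(uid, gate_module(uid, grp, SAMPLE_TARGETS))
```

The point of returning a decision rather than attempting the write is that the caller can choose the safe path (prompt for the root password, or disable editing) before any state is touched.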