https://bugzilla.novell.com/show_bug.cgi?id=220268 Summary: KDM allows EVERYBODY to shutdown/reboot via VNC Remote Administration on 5900 Product: openSUSE 10.2 Version: Beta 2 Platform: i686 OS/Version: Other Status: NEW Severity: Critical Priority: P5 - None Component: KDE AssignedTo: kde-maintainers@suse.de ReportedBy: danielstefanmader@web.de QAContact: qa@suse.de As already reported for 10.1, it is still possible to shutdown/reboot the machine remotely via VNC on port 5900 ("Remote Administration") without any authentication at all. Checking KDM's default settings for shutdown it says Local: Everybody Remote: Only Root This is an enormous security issue since the root-password should be requested for such activity! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.