Bug 343889

Summary: KDE password authentication dialog for YaST2 accepts ANY password
Product: [openSUSE] openSUSE 10.3 Reporter: Mike Wells <mike_wells>
Component: KDEAssignee: E-mail List <kde-maintainers>
Status: RESOLVED DUPLICATE QA Contact: E-mail List <qa-bugs>
Severity: Critical    
Priority: P5 - None    
Version: Final   
Target Milestone: ---   
Hardware: i686   
OS: openSUSE 10.3   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Mike Wells 2007-11-24 20:37:13 UTC 
The KDE authentication dialog (Run as root - KDE su) accepts ANYTHING in the password edit for a root password when invoking YaST2 (/sbin/yast2).
Comment 1 Mike Wells 2007-11-24 20:51:37 UTC 
Further experimentation leads me to believe the original (valid) passwd is being cached in memory and remaining there for some period of time (not sure how long). I have seen this occur with "sudo" but never "su".
Comment 2 Stephan Binner 2007-11-26 09:12:37 UTC 

*** This bug has been marked as a duplicate of bug 216796 ***