KDE remembers root password for graphical applications
James Cooley
jcooley at fit.edu
Tue Mar 15 21:21:07 UTC 2005
Actually, it only caches the credentials for 5 minutes and forgets
them. This is an aspect of the sudo command, which is called by the GUI
applications. There is a way to change the timeout, but the method for
doing so eludes me at the moment. It might be asiest to just wait the 5
minutes for the credentials to expire.
--James Cooley
linux at fritzenwallner.org wrote:
>Hi!
>
>I recognised under RHEL WS3, that KDE remembers the root password once a
>graphical application required root authentication and it was typed in. That
>means that a second root authentication is not taking place, and the application
>which requires a root password opens without it.
>
>Example:
>$ redhat-config-users
>-> opening the usermanager for the first time, asks for the root password, OK.
>=> opening now the same or any other graphical application that requires root
>autentication, don't ask for the root password anymore, they just open.
>
>Any ideas where I can disable this behaviour (seems to be a security hole).
>
>Thanks!
>Marcel Fritzenwallner
>
>
>
>
>
>
--
--
James Cooley
Sr. Systems Analyst
Information Technology
Florida Tech
321-674-7999
jcooley at it.fit.edu
More information about the redhat-list
mailing list