Re: SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability

[Stefan Seifert <nine () detonation org>]

Jordan Pilat wrote:

> A vulnerability exists in the implementation of 
> placing the SuSE YAST Control Center in the K Menu.  
> Normally, one would be required to authenticate as 
> root before being granted access to the YAST Control 
> Center.  When placing the 'preferences' submenu in 
> the K Menu (in the 'submenu' section under the 
> 'Menus' tab of the K menu panel preferences), 
> however, one can not only access, but make changes to 
> the options in the YAST control center without having 
> to authenticate as root. 
>  
You can change options, but cannot save them or install software. It 
will fail silently, or with dubious error messages.

I experienced this after upgrading, when I suddenly was not able to 
change network settings or install new packages when starting the yast 
modules from the K-menu. I first thought that graphical yast was broken 
until I realized that it never asked me for a root password.

So it's not so much a security bug as just a normal usability bug. It's 
just useless to start yast without root privileges.

Stefan Seifert