On Fri, 2003-12-05 at 12:13, Christoph Wickert wrote: > Hi there! > > Restoring sessions is a cool feature I think: In KDE, you can logout and > leave a konqueror window open, when you log in again, it will even try > to restore the last webpage you have viewed. > > But what do you think about thins: As normal user I started > redhat-config-network and logged out a little later without exiting it. > Direcly logged in (I needed to restart the X server) again and > redhat-config-network was restored WITHOUT ASKING FOR A PASSWORD!!! > > This is a massive security problem I think! I would STRONGLY recommend posting a bug report. This should not happen. Logging out should "flush" the root permissions, IMVHO. tschuess, Elton ;-)
