I too want to confirm, that this is a way to gain root privileges without entering a single correct password.
Reproduce: System Settings -> Network Settings -> Administrator Mode -> Enter anything as password -> accepted. After that kdesu accepts anything as password so the user has full access to the system (just exec "kdesu konsole" for example). This seems to be related to the sudo password caching function, because opening a konsole and typing "sudo -k" does stop kdesu accepting anything. The problem is triggered by the System Settings program. When using the orginal kcontrol directly, then this privilege escalation does not work. But if it can be triggered by a fault in a program running with user privileges, it can be triggered by any malicious program, too! This is really a very critical security failure! -- dapper f5 live: administrator mode doesn't work in systemsettings https://launchpad.net/bugs/35581 -- kubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
