I have noticed in Open SUSE 11 that when I run Yast in KDE (after providing the root password) I can close Yast, and still open and close Yast as many times as I want without entering a password as long as I am still logged in.
This seems like a major security flaw, but it still happens even after running the latest patches.
OK you’re right, it does go away after about 5 minutes. I assumed it was a bug, because I always used to get a crash in KDE after configuring Kinternet and the KDE crash handler would come up. This has been fixed through updates. I always associated the crash with no log in to get back into Yast.
I just assumed it was a bug, because I was never asked if I wanted to keep Yast open for 5 minutes after logging in, and usually Suse is good about bringing things like that to your attention.
I still think it’s unnecessary though, and would prefer not to have this option.