The question is whether its really needed to run that service as root, not who is allowed to access it. We try to avoid to run dbus services as root. If necessary, upstream has to add patches to run it as a dedicated user.