https://bugzilla.novell.com/show_bug.cgi?id=864716 https://bugzilla.novell.com/show_bug.cgi?id=864716#c12 --- Comment #12 from Raymond Wooninck <tittiatcoke@gmail.com> 2014-03-25 15:05:31 UTC --- @Sebastian, As far as I know getuid() gives me the user of the current process. The call to PolkitQt1::UnixProcessSubject subject(pid) comes from within KAuth where KAuth tries to validate if the user/process is authorized to perform that action and return that value back to the calling program. So I am not sure how this would fit in a DBUS activation as root ? This would mean that the program is running under root and then KAuth will indicate that the user is authorized. I just followed the same approach as that Red Hat did for the spicy-gtk library, so I guess that I am missing the point. Or I am a little bit too naive. @Hrvoje. This issue came up when asking for a security review for smb4k, where Sebastian mentioned that KDE upstream is not following up on security issues. That is where I picked this up and tried to come up with an acceptable solution. The patch was reviewed (https://git.reviewboard.kde.org/r/117056/) and I got a Ship It! for it so that it gets fixed for KDE4 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.