Yeah, it's a bit peculiar because the need is that `transactional-update`, running as root, has to trigger a graphical notification. The problem is that a graphical notification (over dbus) can only be triggered on a user's dbus session, and only said user can access their own session.

So the "client" (who sends the message) runs as root, as it's either `transactional-update-notifier` or `tukit` itself (in the future) that sends the "update complete" message.

The "server" is the daemon that waits for this message and sends the notification. This MUST be run as a normal user, as this one will then be able to connect to the user's dbus session and send the notification.

This is a way to de-privilege and send the notification over the user's dbus session, without resorting to using `su` or other potentially dangerous solutions. Then we also restrict this communication channel, so that only root can *send* the messages, and we exclude situations where unprivileged users can spam/trigger notifications.

If there are other doubts, let me know :-) Thanks
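The split described in the comment above, sketched as an added example that is not part of the comment and not the project's code: an unprivileged daemon accepts a message only when the kernel reports the sender's uid as root, then raises the notification itself. The Unix-socket transport with `SO_PEERCRED`, the `update-complete` message, the notification text and all function names are assumptions made for illustration; the comment does not say which channel the project uses.

```python
import socket
import struct
import subprocess

UPDATE_MSG = b"update-complete"  # constructed wire message, not tukit's format


def peer_credentials(conn):
    """Return (pid, uid, gid) of the process at the other end (Linux only)."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize("3i"))
    return struct.unpack("3i", raw)


def desktop_notify(summary, body):
    """Runs as the logged-in user, so notify-send reaches that user's session bus."""
    subprocess.run(["notify-send", summary, body], check=False)


def handle_message(conn, notify=desktop_notify, allowed_uid=0):
    """Relay one message only if the kernel says the sender is allowed_uid."""
    _pid, uid, _gid = peer_credentials(conn)
    data = conn.recv(64)
    if uid != allowed_uid:
        return False  # unprivileged users cannot trigger or spam notifications
    if data.strip() != UPDATE_MSG:
        return False  # never forward sender-controlled text into the notification
    # Hypothetical notification text, fixed on the daemon side.
    notify("System update complete", "Reboot to use the new snapshot.")
    return True


def demo(allowed_uid):
    """Constructed exchange over a socketpair; returns (accepted, notifications)."""
    sender, daemon = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    shown = []
    try:
        sender.sendall(UPDATE_MSG + b"\n")
        ok = handle_message(daemon, lambda s, b: shown.append(s), allowed_uid)
    finally:
        sender.close()
        daemon.close()
    return ok, shown
```

The uid comes from the kernel rather than from the message, so a sender cannot claim to be root; `demo()` substitutes the current uid for 0 so the check can be exercised without privileges.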