Comment # 4 on bug 1204026 from 
(In reply to Matthias Gerstner from comment #3)

> 
> Still I would like to ask you to check with upstream what they intend to
> achieve with such logic. There is a certain danger that future coders
> interpret this flag wrongly and use it also in privileged D-Bus functions.
> 
> I'm not sure whether getting BIOS settings is not also already to some level
> privileged. But fwupd is rather lax in other areas already when it comes to
> obtaining system information without authentication.
> 
> Please get in contact with upstream about this before I whitelist the new
> actions.

I could do that, but frankly since I do not know nor understand the security
implications, it would mean that I'd just have to copypaste the reply from here
as a question in a issue.

It would probably be a lot more fruitful if you as a person who understands
these matters did that yourself.

You are receiving this mail because: