-
Simon McVittie authored
These function calls are not a privilege escalation risk like UpdateActivationEnvironment, but they might provide sensitive information or be enhanced to provide sensitive information in future, so the default system.conf locks them down to root-only. Apply the same canonical-object-path hardening as for UpdateActivationEnvironment. We do not apply the uid check here because they are less dangerous than UpdateActivationEnvironment, and because the ability to unlock these function calls for specific uids is a documented configuration for developers. Reviewed-by: Thiago Macieira <thiago@kde.org> [added missing #include; extended commit message -smcv]
eec885de