Comment 11 for bug 1449587

Seth Arnold (seth-arnold) wrote :

Michael, I believe these patches address the issue; it seems ready to me to put together debdiffs for publishing.

However, I'm a little concerned about the get_uid_from_dbus_name() and related calls in aptdaemon/policykit1.py -- using pids alone to identify a process is racy. Pids plus spawn times are stable. Our auditing guide recommends using polkit_unix_process_new_for_owner() -- any idea if that's amenable to this file?

policykit1.py get_proc_info_from_dbus_name() also makes the assumption that process command lines can be parsed as utf-8. How dire is the result of this routine crashing? I suspect it'll just be an inconvenience to the user, but I thought I should ask while we're here looking at it.

Thanks
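
An added example, not part of the comment above and not aptdaemon's code: it sketches the two points raised, pairing a pid with its start time from /proc/<pid>/stat to notice pid reuse, and decoding /proc/<pid>/cmdline without raising on non-UTF-8 bytes. All function names, the `proc_root` parameter and the sample data are hypothetical and constructed for illustration.

```python
import os
import tempfile

def parse_start_time(stat: bytes) -> int:
    """Field 22 (starttime, clock ticks since boot) of /proc/<pid>/stat."""
    # comm (field 2) is parenthesised and may contain spaces or ')', so cut
    # at the LAST ')' rather than splitting the whole line on whitespace.
    rest = stat[stat.rindex(b")") + 1:].split()
    return int(rest[19])  # rest[0] is field 3, so field 22 is rest[19]

def decode_cmdline(raw: bytes) -> list:
    """cmdline is NUL-separated bytes in no guaranteed encoding; never raise."""
    parts = raw.split(b"\0")
    if parts[-1] == b"":  # drop the empty piece after the trailing NUL
        parts.pop()
    return [a.decode("utf-8", errors="replace") for a in parts]

def read_identity(pid: int, proc_root: str = "/proc") -> tuple:
    """(pid, starttime) pair; a recycled pid gets a different starttime."""
    with open(os.path.join(proc_root, str(pid), "stat"), "rb") as f:
        return pid, parse_start_time(f.read())

def is_same_process(identity: tuple, proc_root: str = "/proc") -> bool:
    """Re-read the start time and compare; a vanished pid counts as changed."""
    try:
        return read_identity(identity[0], proc_root) == identity
    except (FileNotFoundError, ProcessLookupError):
        return False

# Constructed sample data (not captured from a real system).
SAMPLE_STAT = (b"4242 (apt) x) S 1 4242 4242 0 -1 4194304 100 0 0 0 5 3 0 0 "
               b"20 0 1 0 987654 1000000 200\n")
SAMPLE_CMDLINE = b"/usr/bin/python3\x00-c\x00caf\xe9\x00"

def demo() -> tuple:
    """Simulate pid reuse in a fake proc root and return (before, after)."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "4242"))
        path = os.path.join(root, "4242", "stat")
        with open(path, "wb") as f:
            f.write(SAMPLE_STAT)
        ident = read_identity(4242, root)
        before = is_same_process(ident, root)
        with open(path, "wb") as f:  # same pid, later start time
            f.write(SAMPLE_STAT.replace(b"987654", b"999999"))
        return before, is_same_process(ident, root)

if __name__ == "__main__":
    print(parse_start_time(SAMPLE_STAT), decode_cmdline(SAMPLE_CMDLINE), demo())
```

Comparing start times narrows the reuse window but still leaves a gap between the check and the later use of the pid.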