Comment 4 for bug 1487941

Hi Kenyon, this was indeed an intentional decision to allow us to reduce the potential attack surface of this high-privilege tool. It was relatively new and relatively under-inspected at the time and this seemed like a fair tradeoff.

At this point it's no longer new, but probably still under-inspected. Now might be a good time to consider turning it back on again. I wonder what it would be like to write an AppArmor profile for these tools first...

Thanks