A security issue
In the writeFileToDisk function in the workerdaemon.cpp file, there are no restrictions, so I can directly write to any part of the system through dbus,
for example:
Command:$ gdbus call -y -d org.kubuntu.qaptworker3 -o / -m org.kubuntu.qaptworker3.writeFileToDisk "a test line" "/usr/tag_file"
,
Results of execution:$ cat /usr/tag_file
print: a test line.
So I think we should add a path limit to prevent malicious damage to the system through this interface.