On closer inspection, the part of smart-notifier running as root doesn't need to be introspectable, because it only runs for a moment, and only sends a signal. However, at the moment any local user can send that signal, and the applet will happily display it, with no indication that it did not, in fact, come from smartd (stealing focus in the process).
Simon
signature.asc
Description: Digital signature
