improve sandboxing of KDE apps: set KDE_FORK_SLAVES, blacklist slave-sockets

setting the KDE_FORK_SLAVES environment variable removes all inconsistencies
that arise from slaves running outside the sandbox or in a different sandbox;
it also makes it slightly more difficult to abuse KIO in general and helps to
mitigate security problems due to thumbnailing, which now always happens inside
the same sandbox. The trade-off is more concurrently running slave processes.

closes #2285

0 files changed, 0 insertions, 0 deletions