Comment 12 for bug 1951490

This one looks okay. Since the fix involves some privilege bumping in various parts of the code, I'm happy this change has been prepared in cooperation with the security team - this would be my main point of concern (requiring a security review). So I will be accepting this to -proposed.

I assume it's intended only for -updates, right? Or do we want to fix this regression in the -security pocket as well? It would require a rebuild then though.