This is a follow-up to D4725. User actions currently don't rely on the configured path for kdesu but simply assume that it is in PATH. This is a usability issue (kdesu is not in PATH on Ubuntu by default) but there is also a security impact: a malware application running with user's privileges can manipulate PATH to make sure its own kdesu look-alike gets executed for Krusader user actions. This allows the malware to steal the sudo password and to seize full control over the computer.
With this patch KrServices::fullPathName("kdesu") is used for the kdesu path, with the changes in D4725 this path is compiled into Krusader and cannot be manipulated. While at it, I also added proper feedback if kdesu cannot be found.