this approach to security is obsoleted with the move to QML
it was never perfect, more of a "trusted control" system. now that we have QML only, we need to use that for these features.