It requires having dbus, it's for the popups, one of the things I said the kernel doesn't have.

But unfortunately, IMHO, dbus is a much bigger privacy risk than not having a per-app firewall - it broadcasts everything that happens in the computer to any program that would listen. I hate programs communicating to each other without my consent even more than I hate programs connecting to the internet without my consent.

Dbus is just for IPC. Its up to the apps and developers to choose how to set up their interfaces. Sensitive interfaces do have auth. Its just COM but better, and allows for some great automation.