It's virtually impossible to write a dialer without the SUID bit that is both safe and easy to use for inexperienced users. kppp addresses the security issues with the following strategy:
Immediately after program start, kppp forks.
The master process (which does all the GUI work, user interaction and so on) drops its SUID state afterwards and runs with normal user privileges.
The slave process keeps its privileges and is responsible for all actions that need root privileges. To keep this part safe, no KDE/Qt library calls are used here, just simple C library calls. The source code for this process is short (around 500 lines) and well documented, so it's easy to check it for security holes.
Master and slave process communicate with standard UNIX IPC.
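As an added illustration of the design described above (example code, not kppp's own source), here is a minimal privilege-separated skeleton: the SUID program forks, the master permanently drops root and speaks to the slave only over a socketpair, and the slave stays root but is plain libc and answers only a fixed, whitelisted command set. The command and reply codes are hypothetical stand-ins.

```c
/* Added example, not kppp's code: skeleton of the fork-and-drop design above.
 * The master drops the SUID uid/gid and talks to the slave only over a
 * socketpair; the slave keeps root, uses plain libc and answers a fixed
 * command set (CMD_PING is a hypothetical stand-in for a dialer operation). */
#include <unistd.h>
#include <sys/socket.h>
#include <sys/wait.h>

enum { CMD_PING = 1, REPLY_OK = 10, REPLY_DENIED = 11 };

/* Permanently give up the SUID privileges; 0 on success. With euid 0, setuid()
 * sets real, effective and saved ids, so the drop cannot be undone. Group first. */
int drop_privileges(void) {
    uid_t uid = getuid();
    gid_t gid = getgid();
    if (setgid(gid) != 0 || setuid(uid) != 0) return -1;
    if (uid != 0 && setuid(0) == 0) return -1;   /* regaining root must fail */
    return (geteuid() == uid && getegid() == gid) ? 0 : -1;
}

/* Slave: short libc-only loop, refuses anything outside the whitelist; exits on EOF. */
static int slave_loop(int fd) {
    unsigned char cmd, reply;
    while (read(fd, &cmd, 1) == 1) {
        reply = (cmd == CMD_PING) ? REPLY_OK : REPLY_DENIED;
        if (write(fd, &reply, 1) != 1) return 1;
    }
    return 0;
}

/* Fork into unprivileged master and privileged slave; returns the slave's
 * reply to cmd, or -1 if the privilege drop or the IPC failed. */
int privsep_query(unsigned char cmd) {
    int sv[2], rc = -1;
    unsigned char reply;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(sv[0]); close(sv[1]); return -1; }
    if (pid == 0) {                        /* slave: keeps privileges, no GUI */
        close(sv[0]);
        _exit(slave_loop(sv[1]));
    }
    close(sv[1]);                          /* master: drop root before anything else */
    if (drop_privileges() == 0 && write(sv[0], &cmd, 1) == 1
        && read(sv[0], &reply, 1) == 1)
        rc = reply;
    close(sv[0]);                          /* EOF tells the slave to exit */
    waitpid(pid, NULL, 0);
    return rc;
}
```

Run as an ordinary user the drop is a no-op that still verifies root cannot be regained; installed SUID root, the same call turns the master into an unprivileged process while the slave keeps its rights.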
Many thanks to Harri Porten for writing this excellent piece of code. I thought it was impossible - he made it within a week.