only use the install path for ultimate key storage

this should not be writable by the user, but is readable. safer than
picking the first dir that matches ... which would usually be in the
user's own dir. *facepalm*

remote/signing.cpp

@@ -81,7 +81,7 @@ SigningPrivate::SigningPrivate(Signing *auth, const QString &path)
     m_keystoreDir->startScan(true);
 
     m_KdeKeysDir = new KDirWatch();
-    m_KdeKeysDir->addDir(KStandardDirs::locate("appdata", "plasmakeys/"));
+    m_KdeKeysDir->addDir(ultimateKeyStoragePath());
     m_KdeKeysDir->startScan(true);
 
     // Start watching the keystore and the dir with the kde keys, and notify for changed
@@ -100,6 +100,11 @@ SigningPrivate::~SigningPrivate()
     delete m_KdeKeysDir;
 }
 
+QString SigningPrivate::ultimateKeyStoragePath() const
+{
+    return KStandardDirs::installPath("data") + "plasmakeys/";
+}
+
 void SigningPrivate::registerUltimateTrustKeys()
 {
     QList< QByteArray > tmp;
@@ -108,7 +113,7 @@ void SigningPrivate::registerUltimateTrustKeys()
         keys.insert(UltimatelyTrusted, tmp);
         return;
     }
-    QString path(KStandardDirs::locate("appdata", "plasmakeys/"));
+    QString path = ultimateKeyStoragePath();
     QDir dir(path);
     if (!dir.exists() || path.isEmpty()) {
         kDebug() << "Directory with KDE keys not found: aborting";

remote/signing_p.h

@@ -48,6 +48,7 @@ public:
     // Note: keys[CompletelyUntrusted] refers to an empty list
     QMap<TrustLevel, QList<QByteArray> > keys;
 
+    QString ultimateKeyStoragePath() const;
     void registerUltimateTrustKeys();
     void splitKeysByTrustLevel();
     QStringList keysID(const bool returnPrivate) const;