Comment 10 for bug 163417

John Dong (jdong) wrote:

No. It is most certainly a security vulnerability.

(1) Opening a folder as root should NEVER EVER open the wrong folder, then execute a part of the folder name as a command under root.
(2) kdesudo will not prompt the user for a password (and hence allow the user to review the command) if the user has within the past 15 minutes opened something else as root.
(3) We should not assume, even if said dialog comes up, that the user has enough shell-code knowledge to identify an escape.