Re: What is a security bug?
* Jochen Striepe:
> On 28 Nov 2005, Michelle Konzack wrote:
>> If you allow to run apps as different user on the
>> same desktop, you pick security holes in your system.
> Please explain that, I don't understand at all.
Trusted X applications ("trusted" in the sense that they are not
limited by the X security extension) can read screen contents,
eavesdrop keypresses (even if XGrabKeyboard is active), and send key
presses to xterms even if allowSendEvents is disabled (the default).