From: Tristan Wibberley <bloater@ps.cus.umist.ac.uk>
  To  : ggi-develop@eskimo.com
  Date: Wed, 23 Jun 1999 16:32:26 +0100

Re: speed question

On Tue, Jun 22, 1999 at 10:06:59PM +0000, Marcus Sundberg wrote:
> Tristan Wibberley wrote:
> > There must be some serious security concerns with that. Not just from
> > deliberate attacks, but from buggy, transparent window using apps that
> > can *see* what's going on underneath?
> 
> What security? The security in X is in restricting who's allowed
> to connect to the X server.
> Once you are connected you can read screen contents, write screen
> contents, send events, steal events or peek at events without anyone
> noticing.

Security isn't just about protecting your system against malicious
attacks, it includes accidents. X should at least have a *way* to
guarantee that the contents of particular windows will only ever be
copied to your screen under *any* circumstances, accidental or
otherwise. People often have private information that buffer
overflows (eg in an IRC client) should not be able to expose in any
way.

Imagine if I was talking to a client on IRC, they were giving me some
info so I could retrieve some data and encrypt it for them. While I'm
retreiving that data, I would like to be able to guarantee that only
trusted apps can get a snapshot of the window. As it is, I'd have to
ask for the info in email, request more via email, etc, and I'd have
to do that with an xterm.

--
Tristan Wibberley