Indeed it is not much of an effort to close the windows one by one (most of the time there won't be many anyway).
And I agree asking continually is annoying. Now a 'remember my choice' thing is provided to avoid that (rev. 8933), but I don't think that really makes sense. If there is an option, it should just be in prefs, otherwise people won't find the option when they want to change it later on. But anyway, I think it is bloat. I can't see why simply leaving the windows open would be a problem (although I think your suggestion for closing them only for default profile, and thus for the case where profiles are disabled, makes some sense). Anyway, leaving the windows open isn't really a vulnerability, since it doesn't allow people to break into the system. The case when there may be a problem, is actually caused by the user: it is like leaving your computer while you're still logged in to your online banking account. Harry Op 30-jul-2007, om 20:09 heeft Youness Alaoui het volgende geschreven: > yeah, people (who?) see this as a vulnerability because you might > logout, leave the pc, and someone could come and read your > messages, or continue chatting in your place if the SB didn't > close (after less than 1 minute of last activity) which is just > absurd... > *maybe* we could have it close only for the default profile, or if > the 'disable profiles' option is enabled or something for cyber > cafes or whatever.. but then again, I think the feature > will be missed. > I think it's easy for someone to just close all windows manually or > close amsn itself when he's finished. > asking the user is just an annoyance in my opinion and closing > without asking is worse.. > > KKRT > > On Mon, Jul 30, 2007 at 08:02:45PM +0200, Harry Vennik wrote: >> Hi, >> I also tend to regard the staying open of all windows (and even being >> able to continue chatting!) to be a feature, which is an advantage of >> aMSN compared to WLM. But I'd like to know why people call it a >> vulnerability... Is it somewhere on the forums? >> If there is a good reason for that (I don't think there is, actually) >> then we should simply close the windows (it doesn't make sense to >> provide an option to enable a vulnerability, right?). >> Otherwise (i.e. most likely), commits 8929 and 8930 should be >> reverted, like proposed by Youness on the other thread (svn rev. 8030 >> BUG). >> >> Harry >> >> >> Op 26-jul-2007, om 18:33 heeft Youness Alaoui het volgende >> geschreven: >> >>> Hi, >>> I don't agree, it just shouldn't close all the windows... what WLM >>> does is to close all the windows if you click on "logout" or if you >>> were disconnected (by itself or logged in another location) and you >>> switch to another profile.. >>> it also never just closes the windows, it ALWAYS asks "you are >>> signing out of blablabla, all windows will be closed" if there >>> are any >>> opened window... >>> I HATE that behavior on wlm.. maybe others don't, but maybe the >>> closeall should ask the user with a remember me choice to either >>> close >>> all, leave all opened... >>> + an option to revert the choice... >>> >>> KKRT >>> >>> On Thu, Jul 26, 2007 at 03:40:51PM +0200, Mirko Hansen wrote: >>>> hey guys, >>>> >>>> as i had some free time this afternoon i thought of fixing this >>>> vulnerability, but as vivia told me, it's more a feature than a >>>> vulnerability, because it can be useful to logout and still be >>>> able to say >>>> bye or something. so vivia proposed to add an option to disable >>>> closing >>>> windows after logout, to be able to use that feature without >>>> risking a >>>> vulnerability to those who don't know of this feature. the default >>>> value >>>> would be closing the windows. what do you think? >>>> >>>> mirko >>>> >>>> 2007/7/26, [EMAIL PROTECTED] >>>> <[EMAIL PROTECTED]>: >>>>> >>>>> Revision: 8929 >>>>> http://amsn.svn.sourceforge.net/amsn/?rev=8929&view=rev >>>>> Author: baaazen >>>>> Date: 2007-07-26 05:36:00 -0700 (Thu, 26 Jul 2007) >>>>> >>>>> Log Message: >>>>> ----------- >>>>> fix for closing all chatwindows after logout as this could be a >>>>> vulnerability >>>>> >>>>> Modified Paths: >>>>> -------------- >>>>> trunk/amsn/chatwindow.tcl >>>>> trunk/amsn/gui.tcl >>>>> >>>>> Modified: trunk/amsn/chatwindow.tcl >>>>> ================================================================== >>>>> = >>>>> --- trunk/amsn/chatwindow.tcl 2007-07-26 09:31:16 UTC (rev 8928) >>>>> +++ trunk/amsn/chatwindow.tcl 2007-07-26 12:36:00 UTC (rev 8929) >>>>> @@ -341,6 +341,29 @@ >>>>> return [llength [set ::ChatWindow::containerwindows >>>>> ($w)]] >>>>> } >>>>> >>>>> + proc CloseAllWindows {} { >>>>> + variable windows >>>>> + variable containerwindows >>>>> + >>>>> + foreach win $windows { >>>>> + if {![winfo exists $win]} { >>>>> + continue >>>>> + } >>>>> + set upwin [winfo toplevel $win] >>>>> + >>>>> + if {[info exists containerwindows >>>>> ($upwin)]} { >>>>> + # this is a tabbed window, so >>>>> closing all >>>>> tabs does the trick >>>>> + CloseAll $upwin >>>>> + destroy $upwin >>>>> + } else { >>>>> + # this seems to be a normal >>>>> window, so >>>>> close the usual way >>>>> + Close $upwin >>>>> + } >>>>> + } >>>>> + >>>>> + set windows [list] >>>>> + } >>>>> + >>>>> proc CloseAll { w } { >>>>> variable containerwindows >>>>> variable containers >>>>> >>>>> Modified: trunk/amsn/gui.tcl >>>>> ================================================================== >>>>> = >>>>> --- trunk/amsn/gui.tcl 2007-07-26 09:31:16 UTC (rev 8928) >>>>> +++ trunk/amsn/gui.tcl 2007-07-26 12:36:00 UTC (rev 8929) >>>>> @@ -4114,6 +4114,9 @@ >>>>> set save_idx [$menu index "[trans savecontacts]"] >>>>> set load_idx [$menu index "[trans loadcontacts]"] >>>>> enableEntries $menu [list $add_idx $del_idx $prop_idx >>>>> $grp_add_idx >>>>> $grp_del_idx $grp_ren_idx $hist_idx $cam_idx $save_idx >>>>> $load_idx] 0 >>>>> + >>>>> + # close all chatwindows >>>>> + ::ChatWindow::CloseAllWindows >>>>> } >>>>> >>>>> proc ShowFirstTimeMenuHidingFeature { parent } { >>>>> >>>>> >>>>> This was sent by the SourceForge.net collaborative development >>>>> platform, >>>>> the world's largest Open Source development site. >>>>> >>>>> ------------------------------------------------------------------ >>>>> -- >>>>> ----- >>>>> This SF.net email is sponsored by: Splunk Inc. >>>>> Still grepping through log files to find problems? Stop. >>>>> Now Search log events and configuration files using AJAX and a >>>>> browser. >>>>> Download your FREE copy of Splunk now >> http://get.splunk.com/ >>>>> _______________________________________________ >>>>> Amsn-commits mailing list >>>>> [EMAIL PROTECTED] >>>>> https://lists.sourceforge.net/lists/listinfo/amsn-commits >>>>> >>> >>>> ------------------------------------------------------------------- >>>> -- >>>> ---- >>>> This SF.net email is sponsored by: Splunk Inc. >>>> Still grepping through log files to find problems? Stop. >>>> Now Search log events and configuration files using AJAX and a >>>> browser. >>>> Download your FREE copy of Splunk now >> http://get.splunk.com/ >>>> _______________________________________________ >>>> Amsn-devel mailing list >>>> Amsn-devel@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/amsn-devel >>> >>> >>> -------------------------------------------------------------------- >>> -- >>> --- >>> This SF.net email is sponsored by: Splunk Inc. >>> Still grepping through log files to find problems? Stop. >>> Now Search log events and configuration files using AJAX and a >>> browser. >>> Download your FREE copy of Splunk now >> http://get.splunk.com/ >>> _______________________________________________ >>> Amsn-devel mailing list >>> Amsn-devel@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/amsn-devel >> >> >> --------------------------------------------------------------------- >> ---- >> This SF.net email is sponsored by: Splunk Inc. >> Still grepping through log files to find problems? Stop. >> Now Search log events and configuration files using AJAX and a >> browser. >> Download your FREE copy of Splunk now >> http://get.splunk.com/ >> _______________________________________________ >> Amsn-devel mailing list >> Amsn-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/amsn-devel > > ---------------------------------------------------------------------- > --- > This SF.net email is sponsored by: Splunk Inc. > Still grepping through log files to find problems? Stop. > Now Search log events and configuration files using AJAX and a > browser. > Download your FREE copy of Splunk now >> http://get.splunk.com/ > _______________________________________________ > Amsn-devel mailing list > Amsn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/amsn-devel ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Amsn-devel mailing list Amsn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amsn-devel
