On Sat, 9 Apr 2011, Bjartur Thorlacius wrote:
Adam Strzelecki wrote:
It is safer to remove this atom just after it is set in case we send
some URL containing passwords or auth tokens
I'm confused as to the state between setting _SURF_GO and removing it.
It smells like a race condition to me, but then again I don't
understand X11 properties. I'd like a clarification as to how security
is kept in the meantime (between setting and removal of _SURF_GO).
Security isn't kept. This seems like more of a prevention of accidental
disclosure than real security. (And therefore pointless...?)
As an example, with this patch applied, run the following:
# start surf, grabbing its ID
$ surf -x
52428803
# in a 'spy' terminal
$ xprop -spy -id 52428803 _SURF_GO
# elsewhere, update _SURF_GO:
$ sprop 52428803 _SURF_GO asdf
The output in the spy terminal is:
_SURF_GO: not found
_SURF_GO(UTF8_STRING) = 0x61, 0x73, 0x64, 0x66 == "asdf"
_SURF_GO: not found
--
Best,
Ben