I think this *is* a security risk. The danger is not only limited to accidental absent-minded twittering: when the keyboard input is not "grabbed", any application (malicious or not) can eavesdrop on the keyboard input stream. This allows a trivial non-privileged userspace keylogger running in the same Xsession to capture passwords gathered by gaskpass.
It's not clear to me how your window manager affects the keyboard input focus lock. Are you running a window manager that interferes with keyboard grabbing? Can you explain more? http://www.pint-stowp.net/software/x11-ssh-askpass/keyboard- grabbing.html See also XGrabKeyboard(3) -- gaskpass does not grab focus https://bugs.launchpad.net/bugs/276530 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
