Path: utzoo!utgpu!water!watmath!clyde!rutgers!ucla-cs!zen!ucbvax!dill.Berkeley.EDU!deboor
From: deboor@dill.Berkeley.EDU.berkeley.edu (Adam R de Boor)
Newsgroups: comp.windows.x
Subject: Re: Why XSendEvent sets hibit of type?
Message-ID: <22555@ucbvax.BERKELEY.EDU>
Date: 12 Jan 88 23:33:14 GMT
References: <8801090141.AA08906@arc.com>
Sender: usenet@ucbvax.BERKELEY.EDU
Reply-To: deboor@dill.Berkeley.EDU.UUCP (Adam R de Boor)
Organization: University of California, Berkeley
Lines: 12

The main Good Reason for XSendEvent to set the high bit is to forestall
fraud (this is something I was going to mention when the Siemens folks
brought it up, but it didn't seem that important at the time). Imagine, if
you will, an xterm window, perhaps running a root shell, and a malicious
person (who, perhaps, identifies the correct window by looking for a
descriptive name like "Root Shell") who sends a string of KeyPress and
KeyRelease events to the window to get it to do things... Masking the
high bit off is harmless for most applications, but there are a few where
it causes a potentially-serious security breach. Perhaps the event
translation manager could be made to mask the high bit upon request...

a