GNOME Bugzilla – Bug 503005
Possible security issue: notify feature allows leaking of the selection & clipboard
Last modified: 2007-12-12 18:25:11 UTC
Quoting http://bugs.debian.org/455484 : With the addition of the feature to send a message to the logged in user when they return and unlock a locked session, this gives local attackers the ability to read the X selection and clipboard buffers with a middle click on the mouse and a Ctrl+V. I note that the box to leave a message doesn't have a context menu that you could paste via, but it doesn't go far enough.
Thanks for the bug report. This particular bug has already been reported into our bug tracking system, but please feel free to report any further bugs you find. *** This bug has been marked as a duplicate of 482159 ***