I somehow missed that:
Quote Originally Posted by bodhi.zazen View Post
But that is like saying ecryptfs is a security risk because if someone knows your password they can decrypt your home directory.

There are protocols in place to secure X sessions in a multi-user environment and they have been in place for many years.

If you disable them (as a user) or circumvent them (as root) they yes, like ecryptfs, X is a security risk, but, IMO, your argument is somewhat twisted.
The point is that the protocols that "secure X sessions in a multi-user environment" simply say who can have access to the session and who doesn't and everybody who does can do as they please. Which is why if you can run an X application in a given session you can snoop on the keystrokes from any other application regardless of the user running it. This type of all-or-nothing access controls is precisely the main problem being discussed here.

And I don't think the analogy to ecryptfs makes sense since with an encrypted file system you only give the key to the kernel and it will still enforce proper access controls for the non-root users. You don't need to give a potentially malicious application the key in order for it to access some files.

Also with regards to this:
Quote Originally Posted by bodhi.zazen View Post
Well, we would discourage such proof of concept discussions / posting of code here.
I can't say I agree with this since first you complain about me being "theoretical" and "paranoid" but then you object to me posting practical code. But it does say "forums admin" on your uniform , so I will respect that request with regards to posting actual code.