_Originally created by @anonym on [#9366 (Redmine)](https://public-redmine-archive.tails.boum.org/code/issues/9366)_ While the primary reason for Vidalia running as a separate user is that it needs full access to the control port, which leak all Tor circuit state (tails/tails#9365) but also more dangerous stuff like the Tor process idea of the external IP address. However, since Vidalia is an X application, perhaps some X protocol magic can be used by a compromised application (under the amnesia user) to interact with Vidalia (and hence its full access to the control port) via some X protocol magic? ### Related issues - **Related to** tails/tails#9365 - **Related to** tails/tails#7072 - **Related to** tails/tails#9001