Is user separation enough to hide Tor state from Vidalia?

While the primary reason for Vidalia running as a separate user is that it needs full access to the control port, which leak all Tor circuit state (#9365) but also more dangerous stuff like the Tor process idea of the external IP address. However, since Vidalia is an X application, perhaps some X protocol magic can be used by a compromised application (under the amnesia user) to interact with Vidalia (and hence its full access to the control port) via some X protocol magic?

Related issues

Related to #9365
Related to #7072
Related to #9001 (closed)

Original created by @anonym on 9366 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information