Comment 21 for bug 1484237

Matt Fischer (mfisch) wrote :

I've also verified that even a delay of 1 second in my test shell script will cause this not to occur. That means that the attack vector here is literally less than a second. And is probably 100% artificial. An attacker would have to get a token and an admin would have to notice and revoke it in less than a second for the token revoke to fail in this manner.