Comment 116 for bug 984785

ok I seem to have made some head way on this & I think this file is definitely created by a bug within xauth:

┌─(t0m5k1@b0x)-(1221/pts/1)-(10:59am:16/05/13)-
└─>(%:~)
└─>> la | grep '.goutputstream-*' && strings .goutputstream-*
-rw------- 1 t0m5k1 users 44 Sep 13 2012 .goutputstream-14KUKW
-rw------- 1 t0m5k1 users 44 Sep 25 2012 .goutputstream-2BUBLW
-rw------- 1 t0m5k1 users 0 Apr 14 2012 .goutputstream-2PZXCW
-rw------- 1 t0m5k1 users 44 Sep 13 2012 .goutputstream-3MGKKW
-rw------- 1 t0m5k1 users 44 Dec 13 00:01 .goutputstream-3Q8BPW
-rw------- 1 t0m5k1 users 44 Feb 28 15:55 .goutputstream-5GBPSW
-rw------- 1 t0m5k1 users 44 Mar 9 01:15 .goutputstream-BPSMTW
-rw------- 1 t0m5k1 users 44 Aug 29 2012 .goutputstream-BY59IW
-rw------- 1 t0m5k1 users 44 Feb 19 23:55 .goutputstream-CJI2SW
-rw------- 1 t0m5k1 users 44 Mar 3 00:30 .goutputstream-EDXHTW
-rw------- 1 t0m5k1 users 44 Apr 20 15:05 .goutputstream-HL66VW
-rw------- 1 t0m5k1 users 44 Dec 15 11:08 .goutputstream-N0KDPW
-rw------- 1 t0m5k1 users 44 Dec 15 11:20 .goutputstream-X56DPW
-rw------- 1 t0m5k1 users 44 Nov 4 2012 .goutputstream-XG3ENW
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MTVG
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1
MIT-MAGIC-COOKIE-1

┌─(t0m5k1@b0x)-(1223/pts/1)-(11:02am:16/05/13)-
└─>(%:~)
└─>> man xauth
<snip>
generate displayname protocolname [trusted|untrusted]
               [timeout seconds] [group group-id] [data hexdata]

               This command is similar to add. The main difference is that instead of requiring the user to supply the key data, it connects to the server specified in displayname and uses the
               SECURITY extension in order to get the key data to store in the authorization file. If the server cannot be contacted or if it does not support the SECURITY extension, the command
               fails. Otherwise, an authorization entry for the indicated display using the given protocol is added to the authorization file. A protocol name consisting of just a single period
               is treated as an abbreviation for MIT-MAGIC-COOKIE-1.
<snip>
EXAMPLE
       The most common use for xauth is to extract the entry for the current display, copy it to another machine, and merge it into the user's authority file on the remote machine:

               % xauth extract - $DISPLAY | ssh otherhost xauth merge -

       The following command contacts the server :0 to create an authorization using the MIT-MAGIC-COOKIE-1 protocol. Clients that connect with this authorization will be untrusted.
            % xauth generate :0 .
<snip>
BUGS
       Users that have unsecure networks should take care to use encrypted file transfer mechanisms to copy authorization entries between machines. Similarly, the MIT-MAGIC-COOKIE-1 protocol is
       not very useful in unsecure environments. Sites that are interested in additional security may need to use encrypted authorization mechanisms such as Kerberos.