Since Ubuntu uses several "xhost +..." lines in its default configuration, one could argue it should have compiled TCL/Tk with the TK_NO_SECURITY flag set, otherwise Tk's "send" IPC breaks, which is really what I suspect this bug report is all about.
Even better would be to patch in Tk the "xhost" security test to allow the three (apparently harmless and useful ones) xhost exceptions in the Ubuntu configuration to pass through without an alert.
Since Ubuntu uses several "xhost +..." lines in its default configuration, one could argue it should have compiled TCL/Tk with the TK_NO_SECURITY flag set, otherwise Tk's "send" IPC breaks, which is really what I suspect this bug report is all about.
Even better would be to patch in Tk the "xhost" security test to allow the three (apparently harmless and useful ones) xhost exceptions in the Ubuntu configuration to pass through without an alert.