[Spice-devel] RFC [spice-gtk] session: Allow to delay sending clipboard to the guest

Thu Jan 11 16:42:00 UTC 2018

Hi

----- Original Message -----
> On Thu, Jan 11, 2018 at 3:29 PM, Marc-André Lureau
> <marcandre.lureau at redhat.com> wrote:
> >
> > Hi
> >
> > ----- Original Message -----
> > > On Wed, Jan 10, 2018 at 06:48:14PM -0500, Marc-André Lureau wrote:
> > > > Hi
> > > >
> > > > ----- Original Message -----
> > > > > On Tue, Jan 09, 2018 at 12:16:33PM -0500, Marc-André Lureau wrote:
> > > > > > I think it's problematic for traditional applications as well.
> > > > > > clipboard access is probably going to be limited by default and
> > > > > > only
> > > > > > accessed through so-called "portals", just like file access etc.
> > > > > > This
> > > > > > topic should be brought on desktop / flatpak mailing list.
> > > > >
> > > > > Maybe in some distant future, all applications everyone is running
> > > > > will
> > > > > be flatpak, and will be using portals to improve security. The same
> > > > > thing can be said regarding wayland, which does not have this issue.
> > > > > Some time in the future, this will become a non-issue. However,
> > > > > solving
> > > > > this now on x11 is definitely not something which should be related
> > > > > to
> > > > > portals/flatpak in my opinion.
> > > >
> > > > I propose a --spice-disable-clipboard, and client UI to switch on/off
> > > > clipboard sharing functionality.
> > > >
> > > > Something different will likely break some clipboard users or lower
> > > > experience.
> > >
> > > One additional note on that, I was initially worried about which use
> > > cases were going to be broken by these changes. Then I realized that the
> > > very same use cases would be broken when using wayland (after taking into
> > > account Jakub's comments). Since this potential breakage will happen
> > > anyway whether we want it or not, it's not going to make a big
> > > difference if we do the same when running on  X11.
> >
> > So this change isn't needed for Wayland, and your patch changes the
> > clipboard behaviour to be similar as Wayland.
> >
> > Why couldn't this be done at Gtk level? This would give a similar clipboard
> > behaviour for all Gtk app wether they run on Wayland or X, or windows etc.
> > They would also benefit the same "added security".
> 
> Do you think this change would make it to GTK3? I think it could
> potentially break some apps. Note that e.g. spice-vdagent takes
> advantage of this "security issue" in X11 - it has no window and
> listens for the clipboard changes all the time.

Those gtk applications would break on wayland today anyway, right?

> (it seems that clipboard system for GTK 4 has been reworked quite a
> bit - see https://git.gnome.org/browse/gtk+/log/?h=wip/otte/clipboard
> - this is already merged into master)

I have not much time to look at the details, but I don't think we should rush into changing the behavior of the clipboard in spice only. This is more windowing/toolkit level issue.