[Spice-devel] RFC [spice-gtk] session: Allow to delay sending clipboard to the guest
Christophe Fergeau
cfergeau at redhat.com
Fri Jan 12 13:31:56 UTC 2018
On Fri, Jan 12, 2018 at 08:05:24AM -0500, Marc-André Lureau wrote:
>
> Is it really a security reason the clipboard behaviour is different on
> Wayland?
I don't know the reason for this behaviour, for me this is similar to
preventing applications from capturing the whole screen.
https://wiki.x.org/wiki/Events/XDC2014/XDC2014DodierPeresSecurity/xorg-talk.pdf
has a slide with
"Some common GUI requirements are un-secure by design
• Clipboard monitoring"
so at least some people wanted to fix some security problems in xorg
clipboard implementation.
> For me, this "share on focus" is not a more secure behaviour.
"VM can monitor everything which goes in your clipboard while you are
not using it" VS "VM can get what is in your clipboard when you switch
to it" sounds more secure to me, even if not perfect.
Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/spice-devel/attachments/20180112/c32eaccc/attachment.sig>
More information about the Spice-devel
mailing list