On Thu, Jan 18, 2018 at 12:06:34PM +0100, Marc-André Lureau wrote:
> Hi
>
> On Thu, Jan 18, 2018 at 10:31 AM, Christophe Fergeau
> <cfergeau@xxxxxxxxxx> wrote:
> > At least on X.org, malicious code could run the equivalent of "watch
> > xsel -o --clipboard" in a VM, and would then be able to track all the
> > clipboard content, even when the spice-gtk widget is not focused.
> >
> > At the moment, applications call spice_set_session_option(), and then
> > set SpiceGtkSession::auto-clipboard to TRUE (or to its saved state).
> > This commit adds a --spice-disable-clipboard option, and if it's set,
> > SpiceGtkSession::auto-clipboard will not be changeable and will always
> > be FALSE.
> > The only side effect I noticed is that enabling "clipboard sharing" in
> > GNOME Boxes VM preferences will appear to work, but will not enable
> > clipboard, and will be reset to off next time the preferences dialog is
> > open.
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1320263
>
> Looks reasonable to me. However, I thought we wanted a way to disable
> clipboard by default.
>
> Wouldn't it make sense to introduce some GSetting key(s) for that instead?
>
> This way, the behaviour can be enforced globally without changing the
> way applications are started.

I think you want both, you don't necessarily want c&p for all or none of
your VMs. I don't know if we can check if the admin locked down a
particular GSettings through the API? If the global value is locked down
to FALSE, then we should enforce it, otherwise we should accept
--spice-disable-clipboard. So a GSettings patch would probably be a
followup to that one.

Christophe
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel