On Tue, Feb 20, 2018 at 12:48:48PM +0100, Victor Toso wrote: > On Thu, Jan 18, 2018 at 10:31:26AM +0100, Christophe Fergeau wrote: > > At least on X.org, malicious code could run the equivalent of "watch > > xsel -o --clipboard" in a VM, and would then be able to track all the > > clipboard content, even when the spice-gtk widget is not focused. > > > > At the moment, applications call spice_set_session_option(), and then > > set SpiceGtkSession::auto-clipboard to TRUE (or to its saved state). > > This commit adds a --spice-disable-clipboard option, and if it's set, > > SpiceGtkSession::auto-clipboard will not be changeable and will always > > be FALSE. > > The only side effect I noticed is that enabling "clipboard sharing" in > > GNOME Boxes VM preferences will appear to work, but will not enable > > clipboard, and will be reset to off next time the preferences dialog is > > open. > > You mean running gnome-boxes --spice-disable-clipboard still > shows clipboard enabled? Any bug filed already? If yes, I think > we could add to the commit log. There's a "clipboard sharing enabled" GObject property on some spice-gtk object. Boxes uses it to enable/disable clipboard sharing. Now if you use --spice-disable-clipboard, this property is always going to be disabled even if Boxes tries to set it to TRUE. But Boxes is not aware of that, so when clicks on the checkbox in the UI, it appears to be toggled, but if you close the dialog and come back, then it will be shown as disabled again. I haven't filed yet a Boxes bug for that. Christophe
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel