On Tue, Jan 15, 2019 at 8:11 PM Victor Toso <victortoso@xxxxxxxxxx> wrote: > > From: Victor Toso <me@xxxxxxxxxxxxxx> > > Hi, > > Several iteractions trying to avoid some bug in X11 but in the end I > found the iteraction with Clibpoard managers (or any other application > that request/set clipboard data) a bit more urgent. > > Simple try here, to not allow another application to request clipboard > data from guest while the user is theoretically interacting with that > guest machine as spice client holds the keyboard-grab. > > As pointed out by elmarco [0], that might be something desireable. So, > I'm introducing the possibility to enable it but have it disabled by > default. Iho, this kind of desktop policy doesn't belong in spice-gtk. If you don't trust the desktop, how can you trust the client itself? Isn't it already the clipboard behaviour on Wayland? If really more secure, shouldn't it be enforced at a lower-level, at gtk level? In any case, I don't think this needs to delay v0.36, since it's not a regression. Hopefully, you agree and we can solve this for the next release. > Tested on X11 and Wayland clients. > > There are more than on away to achieve this idea so feedback is welcome. > > I expect that the spice client would implement some sort to commandline > option like --allow-clipobard-managers to enable/disable the > SpiceGtkSession property on the fly. For now, there is an option in > spicy testing tool. > > James, would be great if you could verify if this series keep your > environment bug free. > > Cheers, > > Victor Toso (2): > gtk-session: introduce clipboard-managers property > gtk-session: add request targets delayed > > src/spice-gtk-session.c | 128 +++++++++++++++++++++++++++++++++++++--- > tools/spicy.c | 6 ++ > 2 files changed, 125 insertions(+), 9 deletions(-) > > -- > 2.20.1 > -- Marc-André Lureau _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel