A secure clipboard is nice to have becuase there's no tradeoff between convenience and safety. A vm can read the global clipboard only when you want it. The Xen based Qubes has it and I don't see why KVM's spice and libvirt can't. Here is how they did it: slide 10 from https://events.linuxfoundation.org/sites/events/files/slides/LinuxCon_2014_Qubes_Tutorial.pdf Challenge: copy clipboard from VM ?Alice? to VM ?Bob?, don?t let VM ?Mallory? to learn its content in the meantime Solved by introducing Qubes ?global clipboard? to/from which copy/paste is explicitly controlled by the user (Ctrl-Shift-C, Ctrl-Shift-V) Requires 4 stages: Ctrl-C (in the source VM) Ctrl-Shift-C (tells Qubes: copy this VM buffer into global clipboard) Ctrl-Shift-V (in the destination VM: tells Qubes: make global clipboard available to this VM) Ctrl-V (in the destination VM) Ctrl-Shift-C/V cannot be injected by VMs (unspoofable key combo). In practice almost as fast as traditional 2-stage copy-paste (don?t freak out! ;) More technical explanation https://www.qubes-os.org/doc/CopyPaste/ _______________________________________________ virt-tools-list mailing list virt-tools-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/virt-tools-list