https://bugs.kde.org/show_bug.cgi?id=372116
Pedro V <voidpointertonull+bugskde...@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |voidpointertonull+bugskdeor | |g...@gmail.com --- Comment #21 from Pedro V <voidpointertonull+bugskde...@gmail.com> --- (In reply to Wiebe Cazemier from comment #20) > I'm unsure why the security considerations is holding this back when KDE has > the 'clipboard history', even defaulting to saving the history to disk, in > plain text in ~/.local/share/klipper/history2.lst. While clipboard security is not exactly in a good position currently, consider the following aspects: - Containerization is already quite popular for GUI programs too, and those are generally not allowed to just start poking files outside of their own restricted environment. Even if currently unfortunately these programs can just continue snooping on the clipboard even in the background, it's still a good idea to establish at least planned boundaries which may get (better) enforcement in the future. - In the current case if clipboard manipulation would be implemented in Konsole without security cautions, then other hosts being connected to and getting presented the user's terminal would get to have access to the user's clipboard too. Just having to trust the local programs is significantly more palatable than having to trust everything you connect to. - Klipper appears to be somewhat security conscious already as it seems to ignore the clipboard when mime type is "x-kde-passwordManagerHint", usually set by password managers, and usually the clipboard is also cleared shortly after copying. While tighter security would be better as mentioned earlier, these kind of measures already reduce the attack surface. If you are still using X11 then you may be frustrated by not getting another permissionless feature, but the longer term goal is Wayland with permissions where a program sitting in the background without user interaction shouldn't be even able to interact with the clipboard unless it was granted such a permission. -- You are receiving this mail because: You are watching all bug changes.