[winswitch] secure clipboard syncing?

Antoine Martin antoine at nagafix.co.uk
Sun Oct 6 06:20:16 BST 2013

On 04/10/13 16:25, Thomas Koch wrote:
> On Wednesday, October 02, 2013 12:41:53 PM Antoine Martin wrote:
>> On 02/10/13 13:53, Timo Juhani Lindfors wrote:
>>> Hi,
>>> I recently became aware that if I keep xpra connections open to
>>> potentially malicious servers they can see everything that I copy to my
>>> clipboard. This is natural and often probably not a huge problem.
>>> However, would it be possible to have something like "--no-clipboard"
>>> that I could toggle at runtime so that I could enable clipboard syncing
>>> for one server just for the duration when I need to actively copy&paste
>>> stuff between that server and my local system?
>> That's exactly what the "Clipboard" toggle in your xpra system tray does.
> It might be a useful security enhancement to have a third option for the
> clipboard syncing besides on and off: Sync only on request.
You seem to misunderstand how the X11 clipboard works: what is
synchronized is not the clipboard contents themselves, but the ownership
of the clipboard selection.
In other terms: which application will provide the clipboard data when
requested by another application.
In our terms: which end (client or server) owns a particular clipboard
For more information, there are lots of pointers on the wiki:
> This third option could be used for untrusted systems. I could define a 
> keybinding that would sync my current clipboard content from the local system 
> to the remote system.
> The other sync direction from remote to local could still remain enabled. The 
> only danger I can imagine is that the guest system could put compromising 
> commands in my clipboard in exactly the right moment before I paste from my 
> clipboard into my local (root) shell. But how should an attacker know the right
> moment?
There is already a ticket for limiting the clipboard direction:
It would not be very difficult to implement, but it isn't high on the
priority list either.
These sorts of options are usually added to the tray menu and adding a
key shortcut would be just a matter of adding an option to the
"--key-shortcut=XXX" command line option.

Please also note that the paranoid can already use clipboard contents
I am in no way claiming that it is possible to provide a comprehensive
list of regular expressions that would filter out all dangerous
clipboard data - just mentioning that the option exists.


> Regards, Thomas Koch
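
The ownership model described in the reply above, as an added example that is not part of the original message and not xpra's code: a simplified Python model in which copying only announces ownership, data moves when the other end requests it, and a direction policy or regular-expression filter can refuse that request. `ClipboardLink`, `to_remote`, `deny_patterns` and the sample strings are hypothetical names and constructed values.

```python
import re

class ClipboardLink:
    """Toy model of the client end of a forwarded clipboard (hypothetical, not xpra code)."""

    def __init__(self, to_remote=True, deny_patterns=()):
        self.to_remote = to_remote                      # direction policy: local -> remote
        self.deny = [re.compile(p) for p in deny_patterns]
        self.provider = None                            # local app that owns the selection
        self.announced = False                          # was the remote end told we own it?

    def local_copy(self, provider):
        """A local application takes ownership; no clipboard data moves yet."""
        self.provider = provider
        self.announced = self.to_remote                 # only the ownership change is sent

    def remote_request(self):
        """The remote end asks for the contents; data is fetched only now."""
        if not (self.to_remote and self.provider):
            return None                                 # direction disabled or nothing owned
        data = self.provider()
        if any(p.search(data) for p in self.deny):
            return None                                 # content filter refused the transfer
        return data

def demo():
    calls = []                                          # records every real data fetch
    def app(text):
        def provide():
            calls.append(text)
            return text
        return provide

    key = "-----BEGIN RSA PRIVATE KEY-----\n(constructed sample)"
    link = ClipboardLink(deny_patterns=[r"-----BEGIN [A-Z ]*PRIVATE KEY-----"])
    link.local_copy(app("hello"))
    lazy = len(calls) == 0                              # copying alone sent no data
    first = link.remote_request()                       # the remote end may ask at any time
    link.local_copy(app(key))
    filtered = link.remote_request()                    # refused by the regular expression

    one_way = ClipboardLink(to_remote=False)
    one_way.local_copy(app("secret"))
    blocked = one_way.remote_request()                  # remote never sees local copies
    return lazy, first, filtered, blocked

if __name__ == "__main__":
    print(demo())
```
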

