xdotool to type senstive data into app vms

[pixel fairy]

in my precube days, i had a vaultvm and various appvms. because firejail could protect the keyboard from scary apps, and i just dont like sensitive data hitting that clipboard, my pass script would copy the vaults clipboard, then type it into the target vm using xdotool over ssh. this worked pretty well, so i was thinking of installing xdotool into dom0 and writing a new script to the same end.

now, i just make new appvms for all the big gui apps or related apps like gimp and blender, which work together.

the only problem i can think of is that this might break with wayland, depending on what order things move. but worst case, were back where we started.

[Jean-Philippe Ouellet]

On Thu, Nov 3, 2016 at 7:38 AM, pixel fairy <pixel...@gmail.com> wrote:
> ... i was thinking of installing xdotool into dom0 and writing a new

> script to the same end.

I believe it would be preferable to put xdotool in the AppVM and
invoke it via qrexec rather than allowing AppVMs to trigger the
generation of events directly in dom0 (which is inherently more
trusted).

Even if one uses --window in dom0 to (hopefully) restrict the handling
of said events to only the intended window, untrusted event handling
in dom0 in general is an attack surface which can be avoided, and IMO
should be.