Moving dom0 screenshots immediately to VMs

173 views
Skip to first unread message

wordsw...@gmail.com

unread,
Jan 19, 2018, 3:55:27 AM1/19/18
to qubes-users
I've been working on a solution for this, but unfortunately there are too many factors that I'm not familiar with.

My goal is to to able to:

1) Take a screenshot using the dom0 hotkey
2) In the "Screenshot" dialogue, select a script from the "Open with:" option
3) A text entry box that prompts me for the destination VM
4) The screenshot is sent to the indicated VM

I think this can be accomplished with

.desktop application file
zenity
qvm-move-to-vm/qvm-copy-to-vm/qvm-open-in-vm

but I'm lost in the details.

Current problems

- I can't get dom0 to include my .desktop application files as "Open with:" options in the "Screenshot" dialogue
- I'm not sure what format the screenshot is in initially... will the .desktop application receive a bunch of bits? Or the path to a temporary file?
- I can figure out how to pipe the screenshot if it's a file, but I don't know how to handle a "bunch of bits" scenario

Has anyone done this already? I'm aware of qvm-screenshot-tool.sh, which looks great, but the code is too complicated for me to review and I just need basic functionality anyway. https://github.com/evadogstar/qvm-screenshot-tool/blob/master/qvm-screenshot-tool.sh

Alex Dubois

unread,
Jan 19, 2018, 6:32:33 AM1/19/18
to qubes-users

This could be useful feature. Happy to help for the dev part...

What do you think about the default behavior being to:
- screen-shot only a VM window? Is it available?
- screen-shot an area that you lasso?

I'm suggesting these because the Qubes default should always be the safest that can be implemented...

Krišjānis Gross

unread,
Jan 19, 2018, 6:43:26 AM1/19/18
to qubes-users

Could be a very useful feature! Current means of taking a screen shot are very very clumsy :)

wordsw...@gmail.com

unread,
Jan 19, 2018, 6:48:28 AM1/19/18
to qubes-users

Qubes already has built-in the capability to screenshot the entire desktop (Printscreen) or the current window (Ctrl+Printscreen).

Lasso would be nice I suppose, but might open up some way to exploit.

wordsw...@gmail.com

unread,
Jan 19, 2018, 7:02:39 AM1/19/18
to qubes-users

Just so I'm clearer - I'm just talking about a simple solution, not building any new application. We could use a .desktop file similar to this

[Desktop Entry]
Encoding=UTF-8
Name=BrowserVM
Exec=qvm-open-in-vm APPVMNAME %u
Terminal=false
X-MultipleArgs=false
Type=Application
Categories=Network;WebBrowser;
MimeType=x-scheme-handler/unknown

as documented in https://www.qubes-os.org/doc/tips-and-tricks/#opening-links-in-your-preferred-appvm

I've gotten this done so far

[Desktop Entry]
Encoding=UTF-8
Name=Open Screenshot in VM
Exec=zenity --entry --text="Enter destination domain name:" | qvm-open-in-vm %u
Terminal=false
X-MultipleArgs=false
Type=Application
Categories=Network;WebBrowser;
MimeType=x-scheme-handler/unknown

Tom Zander

unread,
Jan 19, 2018, 7:05:36 AM1/19/18
to qubes...@googlegroups.com, wordsw...@gmail.com
On Friday, 19 January 2018 12:48:27 CET wordsw...@gmail.com wrote:
> Qubes already has built-in the capability to screenshot the entire desktop
> (Printscreen) or the current window (Ctrl+Printscreen).

Yes, it does.

But this is not something you should use and then send to a VM becuase that
VM then suddenly gets knowledge about all the other windows on screen that
may be from another VM.

Imagine having your Vault VM window open with all your passwords and then
you auto-upload a screenshot of that into a compromised VM which then causes
the screenshot to be uploaded to a server.

I'm not aware of any way to avoid this data-leakage using the screenshot
application in dom0.
--
Tom Zander
Blog: https://zander.github.io
Vlog: https://vimeo.com/channels/tomscryptochannel


Alex Dubois

unread,
Jan 19, 2018, 12:52:41 PM1/19/18
to qubes-users
On Friday, 19 January 2018 12:05:36 UTC, Tom Zander wrote:
> On Friday, 19 January 2018 12:48:27 CET wordsw...@gmail.com wrote:
> > Qubes already has built-in the capability to screenshot the entire desktop
> > (Printscreen) or the current window (Ctrl+Printscreen).
>
> Yes, it does.
>
> But this is not something you should use and then send to a VM becuase that
> VM then suddenly gets knowledge about all the other windows on screen that
> may be from another VM.

Default should prevent, but user should have choice.

>
> Imagine having your Vault VM window open with all your passwords and then
> you auto-upload a screenshot of that into a compromised VM which then causes
> the screenshot to be uploaded to a server.
>
> I'm not aware of any way to avoid this data-leakage using the screenshot
> application in dom0.
> --
> Tom Zander
> Blog: https://zander.github.io
> Vlog: https://vimeo.com/channels/tomscryptochannel

XFCE (default Qubes Windows manager) provides a screenshot application (Menu/System Tools/Screenshot activated with the PrintScreen Key as well)
This launch a windows with:
- Region to capture (radio selection)
- Entire screen (selected by default)
- Active window
- Select a region
- Delay before capturing
- X seconds (default is 1)
- Capture mouse pointer
- Y/N (default Y)

What I think needs to be done:
- Change the default for region to capture to "active window"
- Also
- hook into screenshot so that either
- when OK (or Enter key) is pressed
- the Save As dialog is replace by another one where you put the VM name (and it goes into QubesIncoming in that VM, for Dom0 into /home/user/screenshots)
- Dom0 Confirmation pop-up appear (same as usual copy/move file) with a preview (TBC)?
OR - the Save As dialog has a kind of "network drive list" which is the list of VMs that are running, and saving there save to QubesIncoming for that VM. You have to prevent the create directory and other stuff probably. Benefit is that it is probably re-usable for any Dom0 apps which use the Save As window.

Alex Dubois

unread,
Jan 19, 2018, 2:00:27 PM1/19/18
to qubes-users

OK for the impatient, this will send a screenshot of the current window to a VM (no selection of target VM for the moment):

1- Bind shortcut key:
Click on: Menu/System Tools/Keyboard
Click on: Application Shortcuts tab
Click on Add
Command: xfce4-screenshooter -w -o /usr/local/bin/screenshooter.sh
Bind to Ctrl + Shift + PrintScreen (or whatever you want)

2- Create script that will copy the file to the target VM
in Dom0 terminal
sudo vi /usr/local/screenshooter.sh

#!/bin/bash
cat $1 qvm-run --pass-io <VMName> "cat > /home/user/`echo $1 | awk -F'/' '{print $3}'`"

where <VMName> is the started VM that will receive the screenshot. You can obviously choose a path that user has write access to. You may want to clean the file that is save by default in /tmp by adding this line
rm /tmp/`echo $1 | awk -F'/' '{print $3}'`"

3- Make the script executable
sudo chmod a+x /usr/local/bin/screenshooter.sh


Yethal

unread,
Jan 19, 2018, 2:37:43 PM1/19/18
to qubes-users
there is the qvm-screenshot-tool. Is that not enough?

Alex Dubois

unread,
Jan 19, 2018, 3:16:10 PM1/19/18
to qubes-users
Never heard of it. In which package is-it?

Yethal

unread,
Jan 20, 2018, 1:12:01 AM1/20/18
to qubes-users

Jean-Philippe Ouellet

unread,
Jan 20, 2018, 1:21:36 AM1/20/18
to wordsw...@gmail.com, qubes-users
This problem has already been solved, but upstreaming it was stalled
for some policy reasons. See here:
https://github.com/QubesOS/qubes-issues/issues/953

My implementation can be found here:
https://github.com/jpouellet/qubes-screenshot-helper

Regards,
Jean-Philippe

Alex Dubois

unread,
Jan 20, 2018, 4:51:46 AM1/20/18
to qubes-users

Ah great. I like this implementation. Reviewing the code it does not seem to introduce any risk and provide all the functionality required.

Could you explain briefly the steps to install (after the git pull).

May I also ask you for some help/pointer on a yubikey package I've done. I just need to do the packaging and it may save me some time if you were to give me few pointers...

Project is here... the doc state that it is packages, but it is not (yet)...
https://github.com/adubois/qubes-app-linux-yubikey

Please reply in that thread if you want:
https://groups.google.com/forum/#!topic/qubes-users/BkdTuXZZnwE

Jean-Philippe Ouellet

unread,
Jan 22, 2018, 2:09:00 AM1/22/18
to Alex Dubois, qubes-users
Set up qubes-builder [1], clone the repo into qubes-src subdir of
qubes-builder repo, then add:
COMPONENTS += your-component-name
to builder.conf, and `make your-component-name` from top level
qubes-builder dir.

Documentation on how to package your own things such that they plug
into the Qubes builder framework (via Makefile.builder) can be found
under doc/ in a checked out qubes-builder.

If you have further specific questions, feel free to ask on qubes-devel.

Regards,
Jean-Philippe

[1]: https://www.qubes-os.org/doc/qubes-builder/
Reply all
Reply to author
Forward
0 new messages