On 12/29/12 17:09, George Walker wrote:
> I just checked the wiki, and noticed that both the file copy and copy/paste
> operations use Xen shared memory, and both seem to accomplish the same
> security objectives (preventing snooping by other domains, having superior
> security to employing sneaker-net (i.e. walking with block devices) between
> air-gapped machines, etc.). In fact, they use very nearly the same blurb
> of text to describe their security. It sure would be nice if copy/paste
> were a general-purpose tool in Qubes...
>
Well, everything ultimately is just a stream of bits, right? ;)
The problem with the X11 clipboard is that there are essentially two
mechanisms for it (simplifying):
1) a passive mechanism, which does not involve the sending app
cooperating with the receiving app (and this is what we use in Qubes when
we fetch the clipboard from an AppVM)
2) an active mechanism, which involves active cooperation between the
sending and receiving application. This might involve e.g. the two apps
deciding on using some richer format than plain text for clipboard
exchange. This happens e.g. when you copy and paste between two
LibreOffice windows, as well as between two Nautilus windows.
For obvious reasons we don't want to use the latter in Qubes, because it
seems like a great avenue for possible attacks. So, we resort to the
simplest form of clipboard when we fetch and paste it between different
AppVMs.
joanna.