Page MenuHomePhabricator
Create Task
Maniphest T555

Host<->guest clipboard for KVM gateway is default on, should be off
Closed, WontfixPublic
Actions

Description

For KVM gateway, the XML file needs to have the clipboard set to off for the gateway (it is default on currently for 13.0.0.1.1) . Klipper in the gateway sits there collecting the entire contents of everything copy-pasted in the host. Also, Klipper really shouldn't auto-start in the gateway, and probably not in the workstation; it just makes clipboard history that much easier to access for exploit.

Details

Impact
High

Event Timeline

HawKing created this task.Sep 5 2016, 5:28 PM
Herald added a project: Whonix. · View Herald TranscriptSep 5 2016, 5:28 PM
Herald added subscribers: entr0py, WhonixQubes, Patrick. · View Herald Transcript
HawKing triaged this task as High priority.Sep 5 2016, 5:29 PM
HawKing raised the priority of this task from High to Needs Triage.
HulaHoop added a subscriber: HulaHoop.Sep 7 2016, 4:01 PM

Hello HawKing. The reason we decided to enable it for the gateway is because it makes it easier to paste bridge addresses. The GW is considered part of the trusted computing base and if it isn't you will have much bigger problems that it just seeing clipboard input.

HulaHoop closed this task as Wontfix.Sep 10 2016, 12:04 AM
HulaHoop claimed this task.
Whonix OLD Issue Tracker · PLEASE DO NOT POST NEW TICKETS HERE · OLD Issue Tracker - Unread Notifications · OLD Issue Tracker - Feed · OLD Issue Tracker - Open Issues · NEW Issue Tracker · Homepage · Blog · Forum · Legal · Imprint · Privacy Policy · Terms of Use · Disclaimer