Page MenuHomePhabricator
Create Task
Maniphest T720

post feature request for more secure clipboard sharing against VirtualBox and KVM
Open, NormalPublic
Actions

Description

In VirtualBox / KVM:

* `ctrl + c` in a VM leads to copying the contents into the VMs clipboard as well as into the host clipboard as well as into the clipboard of any other VM
* `ctrl + c` on the host leads to copying the contents into the host's clipboard as well as into the clipboard of any VM
* this is non-ideal for security since in many cases VMs are used to compartmentalize things.

In Qubes:

* `ctrl + c` / `ctrl + v` takes effect only inside the VM. 
* Each VM has its own independent clipboard.
* The Qubes host (dom0) has its own independent clipboard.
* Qubes introduced the concept of a global clipboard.
* To global copy the user has to run `ctrl + shift + c`. This copies contents into the global clipboard.
* A subsequent `ctrl + shift + v` pastes it into one other VM.
* ("global clipboard" is a non-ideal name. The "global" clipboard cannot be read by other VMs in which `ctrl + shift + v` was not used.)
* After `ctrl + shift + v` the global clipboard gets cleared to prevent accidental leakage into another VM.
* These are my words. This is how Qubes describes the feature: [1]

[1] https://www.qubes-os.org/doc/copy-paste/

TODO:
rehash and post feature requests against VirtualBox and KVM

KVM

Details

Impact
Normal

Event Timeline

JasonJAyalaP created this task.Sep 13 2017, 11:54 PM
Herald added a project: Whonix. · View Herald TranscriptSep 13 2017, 11:54 PM
Herald added subscribers: entr0py, WhonixQubes, Patrick. · View Herald Transcript
JasonJAyalaP added a comment.Oct 16 2017, 10:00 PM

rehash and post feature requests against VirtualBox and KVM

I don't remember. What were the feature requests that we wanted from VB/KVM?

defer

Two small changes. Tell me if you want it for 14.
For reference:

https://github.com/Whonix/Whonix/blob/master/build-steps.d/2600_create-vbox-vm#L103
sudo $SUDO_OPTS VBoxManage modifyvm "$VMNAME" --clipboard bidirectional
https://github.com/Whonix/Whonix/blob/master/build-steps.d/2600_create-vbox-vm#L106
sudo $SUDO_OPTS VBoxManage modifyvm "$VMNAME" --draganddrop hosttoguest

Patrick added a comment.Oct 17 2017, 10:48 AM
In T720#14631, @JasonJAyalaP wrote:

rehash and post feature requests against VirtualBox and KVM

I don't remember. What were the feature requests that we wanted from VB/KVM?

Same way Qubes is doing it. In VirtualBox case that would be:

host key + ctrl + c
host key + ctrl + v
host key + ctrl + x

host key is the terminology that VirtualBox developers are already using.

That. And then read https://www.qubes-os.org/doc/copy-paste/ and rehash to make the case for VirtualBox.

Defer making the KVM feature request to HulaHoop.

defer

Two small changes. Tell me if you want it for 14.
For reference:

https://github.com/Whonix/Whonix/blob/master/build-steps.d/2600_create-vbox-vm#L103
sudo $SUDO_OPTS VBoxManage modifyvm "$VMNAME" --clipboard bidirectional
https://github.com/Whonix/Whonix/blob/master/build-steps.d/2600_create-vbox-vm#L106
sudo $SUDO_OPTS VBoxManage modifyvm "$VMNAME" --draganddrop hosttoguest

Since it's that easy, can be done for Whonix 14.

Patrick edited projects, added usability, VirtualBox; removed Whonix 15.Apr 6 2019, 3:04 PM
Patrick added a subscriber: HulaHoop.
Patrick updated the task description. (Show Details)Apr 24 2019, 8:04 AM
Patrick updated the task description. (Show Details)Apr 24 2019, 8:07 AM
Patrick renamed this task from Better Clipboard and DragnDrop for Whonix to post feature request for more secure clipboard sharing against VirtualBox and KVM.Apr 24 2019, 8:17 AM
Patrick updated the task description. (Show Details)
HulaHoop added a comment.Apr 25 2019, 2:01 AM

Update:

Issue was discussed by Libvirt devs on RedHat bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1320263#c4
I even linked to a secure clipboard proposal that would have given a secure clipboard functionality by copying Qubes style interaction. It went no where and was closed as WONTFIX.

https://bugzilla.redhat.com/show_bug.cgi?id=1320263#c5

Feel free to pursue this for VBox, as for KVM the issue is moot and you can close the ticket.

Patrick updated the task description. (Show Details)Apr 25 2019, 9:08 AM
Patrick updated the task description. (Show Details)
Patrick updated the task description. (Show Details)
Patrick added a comment.Apr 26 2019, 10:59 AM
In T720#18410, @HulaHoop wrote:

https://bugzilla.redhat.com/show_bug.cgi?id=1320263#c5

No suggestion for a secure implementation was posted there. Therefore not too surprising it went nowhere. I woulnd't take that one as reason to give up already.

https://lists.freedesktop.org/archives/spice-devel/2015-April/019617.html

That one sounds friendly, interested. Perhaps it just was forgotten?

Could you please rehash and post a feature request at https://gitlab.freedesktop.org/groups/spice/-/issues?

HulaHoop added a comment.Apr 30 2019, 9:52 PM

https://gitlab.freedesktop.org/spice/spice-protocol/issues/8

Patrick added a comment.May 1 2019, 12:25 AM

HulaHoop (HulaHoop):

HulaHoop added a comment.

https://gitlab.freedesktop.org/spice/spice-protocol/issues/8

Awesome!

Patrick updated the task description. (Show Details)May 2 2019, 10:04 AM
HulaHoop added a comment.May 22 2019, 5:33 AM

Update:

Accepted as optional feature/usecase. Moved implementation design from protocol level to spice-gtk.

https://gitlab.freedesktop.org/spice/spice-gtk/issues/97

Patrick updated the task description. (Show Details)May 22 2019, 4:51 PM
Whonix OLD Issue Tracker · PLEASE DO NOT POST NEW TICKETS HERE · OLD Issue Tracker - Unread Notifications · OLD Issue Tracker - Feed · OLD Issue Tracker - Open Issues · NEW Issue Tracker · Homepage · Blog · Forum · Legal · Imprint · Privacy Policy · Terms of Use · Disclaimer