post feature request for more secure clipboard sharing against VirtualBox and KVM

Phabricator Tickets
1

Information

ID: 720
PHID: PHID-TASK-l35pxmljlimbn42mm2bt
Author: JasonJAyalaP
Status at Migration Time: open
Priority at Migration Time: Normal

Description

In VirtualBox / KVM:

* `ctrl + c` in a VM leads to copying the contents into the VMs clipboard as well as into the host clipboard as well as into the clipboard of any other VM
* `ctrl + c` on the host leads to copying the contents into the host's clipboard as well as into the clipboard of any VM
* this is non-ideal for security since in many cases VMs are used to compartmentalize things.

In Qubes:

* `ctrl + c` / `ctrl + v` takes effect only inside the VM. 
* Each VM has its own independent clipboard.
* The Qubes host (dom0) has its own independent clipboard.
* Qubes introduced the concept of a global clipboard.
* To global copy the user has to run `ctrl + shift + c`. This copies contents into the global clipboard.
* A subsequent `ctrl + shift + v` pastes it into one other VM.
* ("global clipboard" is a non-ideal name. The "global" clipboard cannot be read by other VMs in which `ctrl + shift + v` was not used.)
* After `ctrl + shift + v` the global clipboard gets cleared to prevent accidental leakage into another VM.
* These are my words. This is how Qubes describes the feature: [1]

[1] https://www.qubes-os.org/doc/copy-paste/

TODO:
rehash and post feature requests against VirtualBox and KVM

KVM

Comments

JasonJAyalaP

2017-10-16 22:00:07 UTC

Patrick

2017-10-17 10:48:47 UTC

HulaHoop

2019-04-25 02:01:55 UTC

Patrick

2019-04-26 10:59:17 UTC

HulaHoop

2019-04-30 21:52:37 UTC

Patrick

2019-05-01 00:25:44 UTC

HulaHoop

2019-05-22 05:33:16 UTC