Comment 0 for bug 1371170
Revision history for this message
| Jamie Strandboge (jdstrand) wrote information disclosure: clipboard contents can be leaked to other applications | #0 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
demo site
(Get the code!)
Currently, the clipboard is implemented such that all apps can access the contents at any time. The clipboard contents should only be given to apps based on user driven input (eg, a paste operation).
Attack scenario:
1. user launches malicious app 'baz' that polls the clipboard for contents
2. user launches legitimate app 'foo', at which point 'baz' is backgrounded
3. user selects some text and puts it into the clipboard
4. user opens legitimate app 'bar' and pastes text
5. user foregrounds 'baz' which now has access to the clipboard contents
In the above, users can understand that 'foo' and 'bar' have access to the text put in the clipboard. However, it is unexpected that 'baz' also has access since the user didn't paste the text into it.
As it is currently implemented, there is no clipboard timeout, so the contents will persist through the session (unless changed by another copy operation). Application lifecycle will help a little, but not fully since whenever an app is foregrounded, it can the contents of the keyboard.