[OLPC Security] Bitfrost vs. Rainbow
Karl O. Pinc
kop at meme.com
Fri Apr 11 09:55:00 EDT 2008
On 04/10/2008 02:39:22 PM, Mark Seaborn wrote:
> Michael Stone <michael at laptop.org> wrote:
>
> > On Tue, Apr 01, 2008 at 07:50:52PM +0100, Mark Seaborn wrote:
> > Could you say more about your goals for the clipboard?
>
> Just as sandboxed applications get read or write access to the user's
> files via a trusted-path file chooser (the file powerbox), they should
> only get read or write access to the clipboard via a trusted-path user
> interface. Applications should only be able to read from (paste) or
> write (cut/copy) to the clipboard after an explicit action from the
> user, such as a key press or a mouse click, and the user needs to be
> able to tell what consequence their action will have.
> Note that I am talking about X's CLIPBOARD. The conventional
> interface for X's SELECTION is not securable: pasting with the middle
> button might be securable, but copying just by selecting text is not.
I don't understand the last sentence.
Why is selecting text (or using the middle mouse button to paste)
any less of an "explicit action" than Ctrl-C (or Ctrl-V)?
Karl <kop at meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
More information about the Security
mailing list