[konsole] [Bug 372116] Feature Request: Support OSC 52 (copy to clipboard)

Pedro V bugzilla_noreply at kde.org
Sat Aug 12 04:05:54 BST 2023 

https://bugs.kde.org/show_bug.cgi?id=372116

Pedro V <voidpointertonull+bugskdeorg at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |voidpointertonull+bugskdeor
                   |                            |g at gmail.com

--- Comment #21 from Pedro V <voidpointertonull+bugskdeorg at gmail.com> ---
(In reply to Wiebe Cazemier from comment #20)
> I'm unsure why the security considerations is holding this back when KDE has
> the 'clipboard history', even defaulting to saving the history to disk, in
> plain text in ~/.local/share/klipper/history2.lst.

While clipboard security is not exactly in a good position currently, consider
the following aspects:
- Containerization is already quite popular for GUI programs too, and those are
generally not allowed to just start poking files outside of their own
restricted environment. Even if currently unfortunately these programs can just
continue snooping on the clipboard even in the background, it's still a good
idea to establish at least planned boundaries which may get (better)
enforcement in the future.
- In the current case if clipboard manipulation would be implemented in Konsole
without security cautions, then other hosts being connected to and getting
presented the user's terminal would get to have access to the user's clipboard
too. Just having to trust the local programs is significantly more palatable
than having to trust everything you connect to.
- Klipper appears to be somewhat security conscious already as it seems to
ignore the clipboard when mime type is "x-kde-passwordManagerHint", usually set
by password managers, and usually the clipboard is also cleared shortly after
copying. While tighter security would be better as mentioned earlier, these
kind of measures already reduce the attack surface.

If you are still using X11 then you may be frustrated by not getting another
permissionless feature, but the longer term goal is Wayland with permissions
where a program sitting in the background without user interaction shouldn't be
even able to interact with the clipboard unless it was granted such a
permission.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the konsole-devel mailing list