https://bugs.kde.org/show_bug.cgi?id=498413
Bug ID: 498413
Summary: Password leak risk from perhaps kind of insecure clipboard UI design
Classification: Plasma
Product: plasmashell
Version: 6.2.4
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: plasma-b...@kde.org
Reporter: e...@horse64.org
CC: k...@davidedmundson.co.uk
Target Milestone: 1.0

SUMMARY

I just had a password leaked to a VM that shouldn't ever have access to it because of a multitude of what I think are rather dangerous UI defaults. One of them is that KDE, on the host system, apparently keeps a clipboard history, yet I never enabled this and was never made aware. Since I use the clipboard for passwords somewhat often, this is a potential security issue. I think the safe way to go about this would be to add to the initial on-boarding dialog whether I want to have clipboard history, and otherwise default it to off, or at the very least make me in some kind of way aware that there is any.

STEPS TO REPRODUCE

1. Install KDE, don't interact with any sort of clipboard history ever, and you probably also won't get a popup about it. I didn't.
2. Install virt-manager and set up a guest VM and install virtio packages on the host.
3. virt-manager will apparently enable sharing of the clipboard by default, which seems like a major security issue (but separately from this one here), and not only share the current clipboard contents but the entire clipboard history.
4. Your VM now has your entire clipboard history, not even just the most recent entry, which exposes you to a security risk even if the last item you copied before interacting with the VM was unproblematic.

OBSERVED RESULT

Clipboard history seems to be enabled by default and it seems to be not obvious at all. My apologies if I'm just being unbelievably inattentive or something, but I'm pretty sure I've used this machine for months without knowing that this was going on.

EXPECTED RESULT

Clipboard history is either disabled by default with an opt-in in the KDE onboarding dialog that comes up when launching a session for the first time, or it's really obvious that it is enabled via some sort of popup that ideally asks me if I want to keep it enabled or not.

SOFTWARE/OS VERSIONS

Linux/KDE Plasma: postmarketOS v24.12 based on Alpine 3.21.2
KDE Plasma Version: 6.2.4
KDE Frameworks Version: 6.8.0
Qt Version: 6.8.0

ADDITIONAL INFORMATION
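Steps 3 and 4 above describe the host-side exposure: a SPICE display with the guest agent channel lets the guest read the host clipboard unless clipboard sharing is turned off in the libvirt domain definition. The script below is an added example, not part of this bug report and not KDE or virt-manager code. It audits a domain XML for a SPICE `<graphics>` element that still allows copy/paste (libvirt treats a missing `<clipboard>` element as `copypaste='yes'`) and for the `spicevmc` channel the guest's spice-vdagent uses, then emits a hardened copy with `<clipboard copypaste='no'/>` and `<filetransfer enable='no'/>` set. The sample domain XML is constructed to resemble what virt-manager generates by default; the channel name `com.redhat.spice.0` is the one virt-manager normally adds.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a libvirt domain definition in the shape virt-manager
# produces by default: a SPICE display with no <clipboard> element (libvirt
# treats a missing element as copy/paste allowed) plus the spicevmc channel
# that the guest's spice-vdagent uses to exchange clipboard data with the host.
SAMPLE_DOMAIN_XML = """
<domain type='kvm'>
  <name>guest-with-default-clipboard</name>
  <devices>
    <graphics type='spice' autoport='yes'>
      <listen type='address'/>
    </graphics>
    <channel type='spicevmc'>
      <target type='virtio' name='com.redhat.spice.0'/>
    </channel>
  </devices>
</domain>
"""


def audit_clipboard_sharing(domain_xml: str) -> dict:
    """Report whether a domain definition lets the guest reach the host clipboard.

    Returns a dict with:
      spice_clipboard_enabled -- some SPICE <graphics> has no <clipboard>
                                 element, or one with copypaste != 'no'
      spice_agent_channel     -- a spicevmc channel exists, i.e. the guest
                                 agent has a transport to request clipboard data
    """
    root = ET.fromstring(domain_xml.strip())
    clipboard_enabled = False
    for graphics in root.iterfind("./devices/graphics"):
        if graphics.get("type") != "spice":
            continue
        clipboard = graphics.find("clipboard")
        # libvirt's default when the element is missing is copypaste='yes'.
        if clipboard is None or clipboard.get("copypaste", "yes") != "no":
            clipboard_enabled = True
    agent_channel = any(
        ch.get("type") == "spicevmc" for ch in root.iterfind("./devices/channel")
    )
    return {
        "name": root.findtext("name"),
        "spice_clipboard_enabled": clipboard_enabled,
        "spice_agent_channel": agent_channel,
    }


def harden_domain_xml(domain_xml: str) -> str:
    """Return the domain XML with clipboard copy/paste and file transfer
    explicitly disabled on every SPICE display.

    Only the <graphics> subtree is touched; the spicevmc channel is kept so
    the agent still provides display resize and mouse integration.
    """
    root = ET.fromstring(domain_xml.strip())
    for graphics in root.iterfind("./devices/graphics"):
        if graphics.get("type") != "spice":
            continue
        clipboard = graphics.find("clipboard")
        if clipboard is None:
            clipboard = ET.SubElement(graphics, "clipboard")
        clipboard.set("copypaste", "no")
        filetransfer = graphics.find("filetransfer")
        if filetransfer is None:
            filetransfer = ET.SubElement(graphics, "filetransfer")
        filetransfer.set("enable", "no")
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    print("before:", audit_clipboard_sharing(SAMPLE_DOMAIN_XML))
    hardened = harden_domain_xml(SAMPLE_DOMAIN_XML)
    print("after: ", audit_clipboard_sharing(hardened))
    print(hardened)
```

To check a real guest, feed it the output of `virsh dumpxml <domain>` and apply the change with `virsh edit <domain>`; the guest must be restarted for the new `<graphics>` settings to take effect. This addresses only the VM side of the report: what the host clipboard manager retains is a separate setting, and the robust fix for passwords is for the password manager to mark its clipboard data with the `x-kde-passwordManagerHint` MIME type that Klipper honours, so the entry is never recorded in the history in the first place.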