clipboard integration -- possible security implications
w.d.hubbs at gmail.com
Wed Oct 21 12:02:41 EDT 2009
On Wed, Oct 21, 2009 at 01:39:48AM -0700, Tony Baechler wrote:
> Ideally, the clipboard text could be stored in a user's home directory.
> The immediate problem I see is how Speakup is supposed to determine what
> that is. Am I correct in assuming that there is no way for the kernel
> to know what user is logged in and to find that user's home directory?
Correct, the kernel has no idea about where home directories are.
> The next best thing would be to have a file under /sys which would have
> the path and filename where the text should be stored. That way, it
> could be owned by root so no other users could read it. Even if they
> could, they would have to have permission to access the file listed.
> For example, say the sys file is /sys/accessibility/speakup/clip. In
> that file, I echo the following:
> If another user logs in, they would need to have permission to access
> files under /home/tony to do any good. If they wanted to copy text to
> the clipboard, I would have to login as root and change the above
> location or they could use something like speakupconf. That way, no
> actual text would be stored under /sys at all from the clipboard.
This idea leads to another issue. If your system is compromised, it
would be possible for someone to put something in the sys file like:
and take your system down since the kernel could be directed to
overwrite any file in the filesystem.
> As a final thought, since probably most systems are single user, it
> probably isn't that big of a deal. I'm very concerned about security,
> but I'm the only one who uses my Linux boxes, so in my case, I would
> have no problem either being root or changing permissions as necessary.
> I suppose you could have a clip-chmod file which would let root decide
> what permissions to set on the clipboard output.
I realize that a number of systems out there are probably single user
home systems, but I don't feel that we can code assuming that speakup
will always only be used on home systems.
More information about the Speakup