clipboard integration -- possible security implications

Chris Brannon cmbrannon79 at gmail.com
Fri Oct 23 07:55:35 EDT 2009


> OK, how does speakupconf work if you're not root?

Speakupconf doesn't need to be so discerning.  It just copies data to or
from /sys, regardless of who is running it.
It is a shell script,
and it uses ~/.speakup when running as a non-privileged user.
The assumption is that settings don't contain any sort of sensitive info.

> although the question is still who the current user is. I
> would define the current user as the one who is using Speakup at the 
> time that text is copied to the Speakup clipboard.

That is a perfect definition!  How do you determine who the current user is?
I looked at headers under /usr/src/linux/include yesterday, and there
doesn't seem to be any sort of userid field associated with the C structs
that represent virtual consoles.
I suppose that you could use the number of the virtual console on which
the copy / paste operation is being performed.
Next, you have to figure out how to contact the X server that the current
user is using.

If there is going to be any sort of automatic transfer of data between
Speakup's cut buffer and the X clipboard, then both of those pieces
of info need to be known.  Who requested the copy or paste, and where is
his X server -- assuming that he is running X?

> Another idea would be to require a user to be in a special group, 
> similar to only making the CD drive accessible to users in the "audio" 
> group. The group would have to manually be created

This is a really good idea, for everything under /sys/accessibility/speakup.
The group would be created by the person who packages Speakup for your distro.
The file ownerships need to be set correctly whenever speakup's modules are
loaded.  If you look at "man modprobe.conf", there's a description of
something called "install".  This "install" primitive allows us to run
arbitrary commands whilst loading a module.
The people who package Speakup could probably do all of this today, without
requiring any change to the Speakup code.
This won't solve all the problems related to automatic export / import
of the clipboard, though.

-- Chris



More information about the Speakup mailing list