SUMMARY
I just had a password leaked to a VM that shouldn't ever have access to it because of what I think are a multitude of rather dangerous UI defaults. One of them is that KDE, on the host system, apparently keeps a clipboard history, yet I never enabled this and was never made aware. Since I use the clipboard for passwords somewhat often, this is a potential security issue. I think the safe way to go about this would be to add to the initial on-boarding dialog whether I want to have clipboard history, and otherwise default it to off, or at the very least make me in some kind of way aware that there is any.

STEPS TO REPRODUCE
1. Install KDE, don't interact with any sort of clipboard history ever, and you probably also won't get a popup about it. I didn't.
2. Install virt-manager and set up guest VM and install virtio packages on host
3. virt-manager will apparently enable sharing of clipboard by default which seems like a major security issue (but separately from this one here), and not only share the current clipboard contents but the entire clipboard history
4. Your VM now has your entire clipboard history, not even just the most recent entry, which exposes you to a security risk even if the last item you copied before interacting with the VM was unproblematic.

OBSERVED RESULT
Clipboard history seems to be enabled by default and it seems to be not obvious at all. My apologies if I'm just being unbelievably inattentive or something, but I'm pretty sure I've used this machine for months without knowing that this was going on.

EXPECTED RESULT
Clipboard history is either disabled by default with an opt-in in the KDE onboarding dialog that comes up when launching a session for the first time, or it's really obvious that it is enabled via some sort of popup that ideally asks me if I want to keep it enabled or not.

SOFTWARE/OS VERSIONS
Windows:
macOS:
(available in the Info Center app, or by running `kinfo` in a terminal window)
Linux/KDE Plasma: postmarketOS v24.12 based on Alpine 3.21.2
KDE Plasma Version: 6.2.4
KDE Frameworks Version: 6.8.0
Qt Version: 6.8.0

ADDITIONAL INFORMATION

Created attachment 177219
Settings that show "1 entry" for the history

My apologies, after some digging around it seems the VM only has a history because it kept tracking on its own, and after some more testing to find out what's going on the history on the host is actually disabled (see screenshot) and any entries copied while the VM is turned off aren't then later known to the VM. So this is purely a virt-manager issue. Sorry for not finding this out earlier and the incorrect filing!

Another interesting twist that I came across: I checked my other machine now which is a newer install, and it's enabled there. It seems like on my main machine I noticed at some point and disabled it manually, but it does seem to be enabled by default without much of a notification that I can see. At least I never noticed on this second machine. Nevertheless, it does seem to be primarily a virt-manager issue.
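
A defensive check for the clipboard-sharing default discussed in this report, as an added example that is not part of the original thread: it reads a libvirt domain definition (for instance the output of `virsh dumpxml`) and reports whether SPICE copy/paste is left enabled. The sample XML is constructed, and the assumption that the guest uses SPICE graphics is made here, not stated by the reporter.

```python
import xml.etree.ElementTree as ET

# Constructed libvirt domain XML for illustration (not taken from the report).
DEFAULT_GUEST = """<domain type='kvm'><name>guest-default</name><devices>
  <graphics type='spice' autoport='yes'/>
  <channel type='spicevmc'><target type='virtio' name='com.redhat.spice.0'/></channel>
</devices></domain>"""

HARDENED_GUEST = """<domain type='kvm'><name>guest-hardened</name><devices>
  <graphics type='spice' autoport='yes'><clipboard copypaste='no'/></graphics>
  <channel type='spicevmc'><target type='virtio' name='com.redhat.spice.0'/></channel>
</devices></domain>"""


def audit_clipboard(domain_xml):
    """Report whether a domain definition leaves SPICE copy/paste enabled."""
    root = ET.fromstring(domain_xml)
    # Copy/paste is on unless a SPICE <graphics> element carries
    # <clipboard copypaste='no'/>; a missing element means the default (on).
    allowed = False
    for gfx in root.findall("./devices/graphics[@type='spice']"):
        clip = gfx.find("clipboard")
        if clip is None or clip.get("copypaste", "yes") != "no":
            allowed = True
    # The clipboard travels over the SPICE agent channel, so sharing only
    # works when that channel is defined (and the guest runs the agent).
    agent = any(
        t.get("name") == "com.redhat.spice.0"
        for t in root.findall("./devices/channel[@type='spicevmc']/target")
    )
    return {
        "name": root.findtext("name"),
        "copypaste_allowed": allowed,
        "agent_channel": agent,
        "clipboard_shared": allowed and agent,
    }


if __name__ == "__main__":
    for xml in (DEFAULT_GUEST, HARDENED_GUEST):
        print(audit_clipboard(xml))
```

A guest reported with `clipboard_shared: True` can be locked down by adding `<clipboard copypaste='no'/>` inside its SPICE `<graphics>` element, as in the hardened sample.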