[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cp-patches] FYI: Getting the system clipboard in javax/swing/Transf
From: |
Mark Wielaard |
Subject: |
Re: [cp-patches] FYI: Getting the system clipboard in javax/swing/TransferHandler |
Date: |
Tue, 22 Nov 2005 11:41:47 +0100 |
Hi Audrius,
On Sat, 2005-11-19 at 23:40 +0100, Meskauskas Audrius wrote:
> The idea probably is that if we cannot get access to the system
> clipboard, we may still want to cut/copy/paste inside the same
> application (for instance, to move the text fragment in the text area
> being currently edited). With the local clipboard, the application can
> only read the clipboard data that it have placed there itself. With
> the system clipboard, the application may have access on some data
> that are just accidently remaining there; it is probably possible to
> steal a valuable information this way.
Yes. But the problem was that 1) whenever there was any insecure access
to the clipboard all successive calls would use this local clipboard and
2) I am not sure it is really valuable to have (mutually?) insecure code
(ex)change the information in a local clipboard.
I would like to hear Gary's opinion on this though since he is working
on the security review.
Cheers,
Mark
signature.asc
Description: This is a digitally signed message part