[discussion] Secure Item in clipboard manager - non disclosure of password value

Sylvain Viart sylvain at opensource-expert.com
Thu Sep 23 11:51:34 UTC 2021


Hi,


Recently, I forked xfce4 clipman (clipboard manager) to start a PoC of 
Secure Item + a cli to drive clipman via DBus call, that I also added to 
the forked code.

This email is mostly about security or non-disclosure of passwords.

The Secure Item concept I introduced in clipman tries to hide the 
password all the time, until it is ultimately stored as clear text in 
the clipboard, and then deleted after a short period (~30s).

Example and code can be found and explained here:
https://gitlab.xfce.org/Sylvain/xfce4-clipman-plugin/-/blob/secure_item_dbus/README.md 

I also added a small obfuscation to avoid revealing the password in logs, 
or maybe DBus, or debug logs, etc.
As the PoC is only to test the idea, it's sufficient, but it could be encrypted.
I also hide the password that way during testing and developing the 
software, as I may still need to copy some password while using the 
clipboard manager in debug mode.

How do you secure password fields (non-disclosure) in pass?
I mean, what special effort did you add to ensure that clear passwords 
are avoided outside where they are expected?

I also saw that the pass code holds some dbus calls for org.kde.klipper. I 
will look at how they handle that too in the klipper code.

Actually I'm testing the PoC and exploring how I could use it.

I wrote a small shell wrapper for testing it:

https://gitlab.xfce.org/Sylvain/xfce4-clipman-plugin/-/blob/secure_item_dbus/pass_clip.sh 

I suppose I should write a pass-extension plugin in order to use 
clipman-cli. I will think about it.

It could be:

pass clipman add PASS_ENTRY
pass clipman delete ID
pass clipman clear_secure
etc.

Actually clipman_cli wrapper supports:

# Usage: ./clipman_cli.sh add [-s] TEXT_ITEM_VALUE
#        ./clipman_cli.sh list
#        ./clipman_cli.sh del ITEM_ID
#        ./clipman_cli.sh get ITEM_ID
#        ./clipman_cli.sh get_secure ITEM_ID
#        ./clipman_cli.sh clear
#        ./clipman_cli.sh clear_secure
#        ./clipman_cli.sh set_secure  ITEM_ID
#        ./clipman_cli.sh set_clear_text ITEM_ID
#        ./clipman_cli.sh collect_secure [NUM_COLLECTED_ITEM_TO_SECURE]
#
# Arguments:
#   TEXT_ITEM_VALUE               string to add to history.
#   ITEM_ID                       uint16 a clipman history ID (use list or add
#                                 to retreive it).
#   NUM_COLLECTED_ITEM_TO_SECURE  uint16 the next collected item from clipboard
#                                 will be set secured by clipman automatically.
#                                 Useful for keyboard shortcut before copying
#                                 [default: 1]



My plan is to create a Merge Request in the main clipman code in order 
to publish something useful.

Thanks for your attention,
Remarks are welcome,
Regards,
Sylvain.

-- 
Sylvain Viart - GNU/Linux Sysadmin/Developer/DevOps - France
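
Added example, not part of the original message and not clipman's code: a small Python model of the Secure Item idea described in the message, in which a secret is masked wherever it is listed or logged and is removed 30 seconds after it has been handed out in clear text. The class and method names only mirror the wrapper's subcommands; the in-memory store, the injected clock and the deletion of the whole item on expiry are assumptions.

```python
import logging
import time

SECURE_TTL = 30  # seconds; models the "~30s" lifetime mentioned in the message


class SecureValue:
    """Wraps a secret so str(), repr() and log formatting never show it."""
    __slots__ = ("_value",)

    def __init__(self, value):
        self._value = value

    def __repr__(self):
        return "<secure item>"

    __str__ = __repr__

    def reveal(self):
        return self._value


class History:
    """Hypothetical in-memory clipboard history (not the clipman DBus API)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._items = {}    # item id -> str or SecureValue
        self._expiry = {}   # item id -> deadline set when the secret is revealed
        self._next_id = 1
        self.log = logging.getLogger("clip-model")

    def add(self, text, secure=False):
        item_id, self._next_id = self._next_id, self._next_id + 1
        self._items[item_id] = SecureValue(text) if secure else text
        # The debug line goes through SecureValue.__str__, so it stays masked.
        self.log.debug("added item %d: %s", item_id, self._items[item_id])
        return item_id

    def list(self):
        self.purge()
        return {i: str(v) for i, v in self._items.items()}

    def get_secure(self, item_id):
        """Return clear text for the clipboard and start the countdown."""
        self.purge()
        value = self._items[item_id]
        if not isinstance(value, SecureValue):
            return value
        self._expiry[item_id] = self._clock() + SECURE_TTL
        return value.reveal()

    def purge(self):
        now = self._clock()
        for item_id in [i for i, t in self._expiry.items() if t <= now]:
            self._items.pop(item_id, None)
            del self._expiry[item_id]
```

The only path that yields clear text is `get_secure`, which is also the call that starts the expiry timer.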


