Open kreutpet opened 6 years ago
i looked a bit deeper into the klipper configuration i found the option to "Disable Actions for windows of type WM_CLASS" i followed the instruction given and got the following info from qtpass WM_CLASS(STRING) = "qtpass", "QtPass"
then i added a new entry in the klipper configuration but unfortunately was not able to get the intended behavior.
anyone got klipper configured to ignore actions from qtpass?
That sounds like something to add to the FAQ and or README
well , i played around with klipper and did not find any solution to prevent passwords copied into the klipper to be shown in the klipper history.
If any body has same experience or has solution please share.
For password used in www i recommend using firefox and passff , which give direct access to the pass without a copy past
this seems to be related Bug 334646 / Wish 105033
same argumentation , this is considered a security flaw.
Should we fill another bug ?
This issue is not specific to KDE: same behaviour with XFCE4 clipman. For reference: Xfce - blacklist passwords 10112
It should be possible, as one developer has done it for his proof-of-concept ‘plasma pass’: https://www.dvratil.cz/2018/05/plasma-pass/
More specifically, at the end of https://cgit.kde.org/scratch/dvratil/plasma-pass.git/tree/plugin/passwordprovider.cpp are the functions that he defines for doing it. He uses klipper-specific code.
I am not sure about qtpass
but pass
does clear up the Klipper clipboard. In fact, it wipes out the entire Klipper history that was loaded.
yes i can confirm that the terminal interface of pass does clean the clipboard in KDE. not used plasma pass yet. i will give it a try
yes i can confirm that the terminal interface of pass does clean the clipboard in KDE.
That is no reason to close this issue. QtPass still doesn't clear the password from the clipboard. (Moreover, clearing the entire Klipper history is not exactly proper behavior.) Please reopen.
i looked into plasma-pass -> link
how could this lines of code go into qtpass? I am not so experienced in c++ but how to handle the kde dependency when building qtpass for none KDE/klipper environment?
if the Copy Password button in QTPass used the 'pass -c' command to copy the password then a custom set 'pass' command could point to a wrapper script like this:
#!/bin/bash
# stop the password from being recorded by clipman
xfconf-query -c xfce4-panel -p /plugins/clipman/tweaks/inhibit -s true
/usr/bin/pass "$@"
# TODO - trap this command so clipman is ALWAYS restored back to functionality
xfconf-query -c xfce4-panel -p /plugins/clipman/tweaks/inhibit -s false
This script would be for clipman on xfce4
any news about this?
I'm experiencing the same issue.
Relevant upstream bug: https://bugs.kde.org/show_bug.cgi?id=334646
Relevant upstream bug: https://bugs.kde.org/show_bug.cgi?id=334646
The bug is now closed, and the latest comment there says:
KeepassXC sends copied passwords with custom mime data (application/x-nspasteboard-concealed-type on OS X, x-kde-passwordManagerHint on Linux, and ExcludeClipboardContentFromMonitorProcessing on Windows) to hint for passwords not to be stored in history, [snip]
Klipper supports the
x-kde-passwordManagerHint
flag AFAIK, so password managers should be setting this flag when copying sensitive data.
So, it sounds like there should be a way for QtPass to also set the proper hints/flags.
Another approach employed by pass
itself is to
qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory
https://github.com/zx2c4/password-store/blob/1.7.4/src/password-store.sh#L175
It's essentially a workaround, but it works pretty well.
many thanks to create that tool ! Since i move to pass i am using it on daily base and love it.
concerning the clipboard clearing feature i recognized that the functionality actually does not remove the copied password from the klipper KDE clipboard utility. The "Clipboard cleared" is shown in the qt status ui. The copied password remains in the history. I think is is actually a security risk. as the klipper entry needs to be manually cleared.
Not sure if the klipper provides a dbus interfacce to also remove the Clipboard entry been coming from qtpass. Can klipper been configured to not receive the clipboard from qtpass? I am also sure the get complicated as the klipper is only available in KDE.
thx