Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Turning OSC 52 selection reading on (and off) on the fly #4022

Closed
dluciv opened this issue Sep 13, 2021 · 3 comments
Closed

Turning OSC 52 selection reading on (and off) on the fly #4022

dluciv opened this issue Sep 13, 2021 · 3 comments

Comments

@dluciv
Copy link

dluciv commented Sep 13, 2021

The matter
OSC 52 is quite useful to work with, but, when logging into untrusted remote hosts, it lacks a security: remote software can read local selsctions without notifying the user.

It is not a Kitty issue (so not posting it as a security problem), but rather all terminals, supporting OSC 52 for selection sharing. Being first to handle this in the right way, Kitty can set a good example to others.

Possible solutions
Either make selection reading switchable in runtime (probably be by the kitten invoked for a hotkey) or, on the first per-session attempt to read user selection, ask the user if they want to allow or disallow it. Actually the both approaches look very friendly to the user.

@dluciv dluciv changed the title OSC 52 tuning on the fly Turning OSC 52 on (and off) on the fly Sep 13, 2021
@dluciv dluciv changed the title Turning OSC 52 on (and off) on the fly Turning OSC 52 selection reading on (and off) on the fly Sep 13, 2021
@kovidgoyal
Copy link
Owner

Reading the clipboard is disabled by default. And is fairly useless
anyway. https://sw.kovidgoyal.net/kitty/conf/#opt-kitty.clipboard_control

@kovidgoyal
Copy link
Owner

And actually while I am here, I might as well implement the ask for permissions on read behavior, it should be a trivial patch.

@dluciv
Copy link
Author

dluciv commented Sep 13, 2021

This is great, thank you!

No matter how often it is used, in any case this is the safiest solution.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants