Bug 489276 – [Leave message] Cancel button should clean clipboard buffer

Bug 489276 - [Leave message] Cancel button should clean clipboard buffer

Summary:	[Leave message] Cancel button should clean clipboard buffer

Status:	CLOSED UPSTREAM

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	gnome-screensaver (Show other bugs)
Sub Component:
Version:	rawhide
Hardware:	All Linux

Priority	low Severity low
Target Milestone:	---
Target Release:	---
Assigned To:	jmccann
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2009-03-09 05:51 EDT by Michal Nowak
Modified:	2015-01-14 18:22 EST (History)
CC List:	4 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2009-03-11 11:13:37 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
GNOME Desktop	574896	None	None	None	Never

Groups: None (edit)

Description Michal Nowak 2009-03-09 05:51:22 EDT

Description of problem:

When leaving message via gnome-screensaver the clipboard buffer persist closure of the "Leave message" dialog, but only when the procedure of posting the message is interrupted via "Cancel" button. The "Save" button does the mock up.

Version-Release number of selected component (if applicable):

gnome-screensaver-2.25.2-6.fc11.x86_64

How reproducible:

always

Steps to Reproduce:
1. Lock the screen, GNOME Screensaver will pop up
2. Hit "Leave message"
3. Write something, select it, copy to clipboard via Control+C
4. Hit "Cancel"
5. Hit "Leave message"
6. Press Control+P
  
Actual results:

The buffer from previous editing is pasted.

Expected results:

Buffer is cleared on "Cancel" hit.

Additional info:

The user who did Control+C could be potentially different from the one who pressed Control+P and (parts of) the information sent to the "locked" user might be revealed.

After hitting "Cancel" in the "unlock" screen itself, not in the "Leave message" dialog, the clipboard buffer is cleared OK.

Not sure whether it has any security implications, or whether is it a bug at all -- reporting just for the sake of being on the safer side and leaving on your consideration.

Comment 1 Vincent Danen 2009-03-10 17:22:05 EDT

It seems like there have been (and currently are) some issues with gnome-screensaver and clipboard buffer handling.  See:

http://bugzilla.gnome.org/show_bug.cgi?id=482159

and:

http://bugzilla.gnome.org/show_bug.cgi?id=564165

Since this is pretty public, I wouldn't classify this as security sensitive.  Granted, this is slightly different, but I would consider this as one of those "don't do it" type things (and of a much lesser severity than the previous issues).  There really is no reason for someone leaving a message to paste anything to the clipboard.  I would be more worried if copying from the clipboard revealed the actual locked user's clipboard contents or if pasting to the clipboard in gnome-screensaver stayed in the user's clipboard once they unlock the screen.

I think definitely think this is a bug, but I would recommend filing it upstream.  I agree, the clipboard buffer contents should be cleared whether or not they hit "save" or "cancel".

Did you want to file this upstream?

Comment 2 Michal Nowak 2009-03-11 04:31:19 EDT

Agree. Filled upstream, thanks for triage.

Comment 3 Vincent Danen 2009-03-11 11:13:37 EDT

No problem.

I'm going to close this issue then.

Note You need to log in before you can comment on or make changes to this bug.