clipman secure transfer

Mike Massonnet mmassonnet at
Fri May 24 09:48:30 CEST 2013

Hey Liviu,

I think what might be a good solution is a blacklist system

I opened two bugs:

In this way the passwords for example would not appear in the history.


2012/5/10 Liviu Andronic <landronimirc at>:
> Dear Mike
> You are the maintainer of Clipman and I'm writing you off-line because
> this email is the subject of a more farfetched request and I'd like to
> discuss it in private first.
> I read the docs on Clipman [1] and to my understanding any string
> selected and copied gets stored in at least two places: the primary
> and the default clipboards. This arrangement works fine for normal
> usage, but I'm not sure whether it's appropriate for sensitive data
> such as passwords.
> Recently I've been introduced to PasswordMaker [2], which proposes an
> innovative way to generate and use secure passwords. In a nutshell, I
> choose a strong Master Password and then I use PasswordMaker to
> generate, via hashing algorithms, very long and unique passwords which
> cannot---computationally infeasible---reveal the MP. There is however
> one security detail that bugs me:
> Depending on the PasswordMaker Edition used, one needs to *copy* and
> paste a given password for a specific account. This means that the
> password is being shared with a completely unsecured medium---the
> clipboard.
> I ranted on this issue on their forums [3], but this security concern
> doesn't seem to be taken seriously by the devels. Here's where Clipman
> could come in, by providing a 'Secure transfer' mode. What follows is
> a proof-of-point design:
> - add a 'Secure transfer' checkbox in the interface
> - when activated, Clipman would forcefully stop putting any selected
> or copied string into either of the two X11 clipboards
> - it would take a selected or copied string and store it within an
> internal buffer, in memory, potentially encrypted
> - would make it available for a single paste operation
> - after which the contents of the 'secure' buffer get cleared (for good)
> Do you think that this would be feasible? Would it have a place in
> Clipman, and would you have any interest in providing such a feature?
> Should I file an enhancement request? Please let me know.
> Regards
> Liviu
> [1]
> [2]
> [3],1751.0.html
> --
> Do you know how to read?
> Do you know how to write?

More information about the Xfce mailing list