#32766: Data leak on Tor Browser on Linux via middle mouse paste
--------------------------------------+--------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: new
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: data leak | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by Thorin):
Do you mean this one?
- https://github.com/ghacksuserjs/ghacks-user.js/issues/735
- https://github.com/ghacksuserjs/ghacks-
user.js/blob/master/user.js#L1034-L1037
- upstream: https://bugzilla.mozilla.org/1528289
- note: clipboard events (`dom.event.clipboardevents.enabled` referenced
as 2402 below) are enabled in TB Windows but I'm not sure about Linux
{{{
/* 2403: disable middlemouse paste leaking clipboard content on Linux
after autoscroll
* Defense in depth if clipboard events are enabled (see 2402)
* [1] https://bugzilla.mozilla.org/1528289 */
user_pref("middlemouse.paste", false); // [DEFAULT: false on Windows]
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32766#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online