mirror of
https://github.com/LCTT/TranslateProject.git
synced 2024-12-23 21:20:42 +08:00
translated
This commit is contained in:
geekpi
parent
79f5c21f57
commit
f8f33e38e6
@ -1,82 +0,0 @@
|
||||
translating---geekpi
|
||||
|
||||
Your Computer's Clipboard is a Security Problem - Fix it in Linux with xsel and cron
|
||||
============================================================
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
**EDIT: The original article recommended xsel, but a couple of users reported that it disabled their sound. This wasn't a problem for me, but I found another way (using [xclip][1] ) to achieve the same goal that should sidestep the issue. The article has been updated to reflect the switch to xclip.**
|
||||
|
||||
The ability to copy/paste around your OS is essential. Whether you're writing code or comedy, these two functions are central to working with text on a computer. When you copy text, it goes into the memory-residing clipboard. Unless you install a clipboard manager that can hold multiple entries, the clipboard by default holds one _copy_ event, and the moment you _copy_ something else, the entry before it vanishes. In the standard Linux setup, the clipboard contents are stored in the memory of the program controlling it (most often Xorg).
|
||||
|
||||
The clipboard should be hobbled because any program can read its contents, and if left alone, it doesn't forget what it knows. Furthermore, modern browsers enable multiple ways for malicious websites to read from (and write to) your clipboard.
|
||||
|
||||
Although never the default, browsers have settings to disallow clipboard access. Add-ons for both browser and OS are available to manage your clipboard, as well, but it's easier and more reliable to fix the problem at the top of the chain and secure the clipboard system-wide. There are plenty of reasons to have a functional clipboard, but not one good reason contents should linger there for more than a minute or two.
|
||||
|
||||
Password managers have become popular lately, and if you use one, you've seen how they copy your password to the clipboard so you can paste it over in your browser and log into your accounts. Then what? Your password stays on the clipboard till another copy event or a reboot is what.
|
||||
|
||||
Even if you use a separate browser for things like banking, if you copy your password, you bring it back to your other browsers via the clipboard and expose it to web-based clipboard harvesting techniques.
|
||||
|
||||
My fix handles the problem for you in the background, clearing the clipboard contents automatically every minute. It does this with the xclip command line tool, a tiny script and [cron][2] . The one minute cron interval gives you enough time to get your copied passwords pasted, then it empties the clipboard. This repeats every minute, providing worry-free copying.
|
||||
|
||||
We need the [xclip][3] utility to clear the clipboard in the terminal. In apt-based distros, enter:
|
||||
|
||||
**sudo apt-get install xclip**
|
||||
|
||||
Lets test the utility in the terminal. First copy some text from anywhere, paste it somewhere else, then enter these two commands:
|
||||
|
||||
**touch blank
|
||||
xclip -selection clipboard blank**
|
||||
|
||||
then try pasting the text again - it should be gone. Now let's put the commands into a script. Create a script by entering (replacing leafpad with your text editor):
|
||||
|
||||
**leafpad nukeclipboard.sh**
|
||||
|
||||
and enter the following into the new file:
|
||||
|
||||
**#!/bin/sh
|
||||
touch blank && xclip -selection clipboard blank**
|
||||
|
||||
Save and close the file, then make it executable with:
|
||||
|
||||
**chmod +x nukeclipboard.sh**
|
||||
|
||||
Now to make the job run itself every minute. First beware, cron options differ from distro to distro. The following settings are for Ubuntu(based) distros and the process might be different in your distro, so [rtm][4] .
|
||||
|
||||
To setup the cron job, go to the terminal and enter:
|
||||
|
||||
**crontab -e**
|
||||
|
||||
Scroll down past the #commented-out lines and enter the following line (replacing /home/user/ with the location of your script):
|
||||
|
||||
*** * * * * export DISPLAY=:0 && /home/user/nukeclipboard.sh**
|
||||
|
||||
Now hit ctrl-o to bring up the save function, then hit enter to save your crontab. Finally, hit ctrl-x to exit the program. From now on your clipboard has a life-span of one minute.
|
||||
|
||||
About the cron entry above... cron has limitations regarding environment variables and when it fails, you can spend all day trying a hundred ways to fix it that don't work. After finding [this easy fix][5] advising to set the DISPLAY, there's been no more trouble. Thanks [Mike Q][6] for this gem.
|
||||
|
||||
Now, you might go to paste something you've copied the very moment the clipboard's being emptied and find nothing there, but it's is a small price to pay for the security bump it gives you. If it's a problem, you can configure cron to run the job at any interval that works for you. Instructions for Ubuntu and kin are on [this][7] page.
|
||||
|
||||
I hope this tutorial helps you get your clipboard locked down - comment below if you got the script working or have an even better way to do this.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.darrentoback.com/your-computer-s-clipboard-is-a-security-problem-fix-it-in-linux-with-xsel-and-cron
|
||||
|
||||
作者:[dmt][a]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:https://www.darrentoback.com/about-me
|
||||
[1]:https://github.com/astrand/xclip
|
||||
[2]:https://en.wikipedia.org/wiki/Cron
|
||||
[3]:https://github.com/astrand/xclip
|
||||
[4]:https://en.wikipedia.org/wiki/Cron
|
||||
[5]:https://stackoverflow.com/questions/14296911/when-linux-system-calls-scripts-some-commands-dont-work-cron-if-up-d/24070707#24070707
|
||||
[6]:https://stackoverflow.com/users/1618630/mike-q
|
||||
[7]:https://help.ubuntu.com/community/CronHowto
|
||||
@ -0,0 +1,80 @@
|
||||
你计算机上的剪切板是一个安全问题 - 在 Linux 中用 xsel 和 cron 修复它
|
||||
============================================================
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
**编辑:我原文推荐的是 xsel,但几个用户报告说它禁用了他们的声音。这对我来说不是问题,但我发现了另一种方式(使用 [xclip][1] )来实现同样的目标,这样应该就能回避这个问题。文章已更新,切换到了 xclip。**
|
||||
|
||||
在你的操作系统上复制/粘贴的能力是必不可少的。无论你写的是代码还是喜剧,这两个功能是在计算机上处理文本的核心。当你复制文本时,它会进入内存驻留的剪贴板。除非安装了可以容纳多个条目的剪贴板管理器,否则剪贴板默认情况下会保存一个_复制_事件,而在你在_复制_其他东西的时候,它之前的条目就会消失。在标准 Linux 设置中,剪贴板内容存储在控制它的程序的存储器中(通常是 Xorg)。
|
||||
|
||||
剪贴板是有缺陷的,因为任何程序可以读取其内容,如果让它独立,它不会忘记它知道的。此外,现代浏览器允许恶意网站以多种方式从剪贴板读取(和写入)。
|
||||
|
||||
虽然不是默认的,但浏览器有禁止剪贴板访问的设置。也有用于浏览器和操作系统管理剪贴板的附加组件,但是它可在链接顶部更容易、更可靠地解决问题,并使系统范围内的剪贴板安全。有很多理由只有一个剪贴板,但没有一个很好的理由让内容在那里保留一两分钟以上。
|
||||
|
||||
密码管理器最近变得很受欢迎,如果你使用了密码管理器,你已经了解了它们如何将密码复制到剪贴板,以便你可以将其粘贴到浏览器中并登录到你的帐户。接下来会发生什么?直到另一个复制事件或重新启动,你的密码会保留在剪贴板上。
|
||||
|
||||
即使你使用单独的浏览器来处理银行等事务,如果你复制密码,则通过剪贴板会将其带回其他浏览器,并将其暴露在基于 web 剪贴板的收集技术中。
|
||||
|
||||
我在后台处理你的问题,每分钟自动清除剪贴板的内容。它使用 xclip 这个命令行工具、一个小脚本和 [cron][2]。cron 的一分钟间隔给你足够的时间来复制密码,然后它会清空剪贴板。它会每分钟重复,提供无忧复制。
|
||||
|
||||
我们需要使用 [xclip][3] 工具清除终端中的剪贴板。在基于 apt 的发行版中,输入:
|
||||
|
||||
**sudo apt-get install xclip**
|
||||
|
||||
让我们在终端中测试程序。首先从其他地方复制一些文字,复制到其他地方,并输入这两条命令:
|
||||
|
||||
**touch blank
|
||||
xclip -selection clipboard blank**
|
||||
|
||||
接着再次尝试复制文本 - 它应该就会消失了。现在把命令放在脚本中。创建一个脚本(用你的文本编辑器代替 leafpad):
|
||||
|
||||
**leafpad nukeclipboard.sh**
|
||||
|
||||
并在新文件中输入下面的内容:
|
||||
|
||||
**#!/bin/sh
|
||||
touch blank && xclip -selection clipboard blank**
|
||||
|
||||
保存并关闭文件,接着加上可执行权限:
|
||||
|
||||
**chmod +x nukeclipboard.sh**
|
||||
|
||||
现在让作业每分钟运行一次。首先要小心,不同的发行版有不同的 cron 选项。以下设置适用于 Ubuntu(基于)的发行版,并且在你的发行版中过程可能不同,因此[请阅读手册][4]。
|
||||
|
||||
要设置cron作业,请在终端输入:
|
||||
|
||||
**crontab -e**
|
||||
|
||||
滚到最后被注释掉的行,并输入下面的行(将 /home/user/ 替换为你的脚本位置):
|
||||
|
||||
*** * * * * export DISPLAY=:0 && /home/user/nukeclipboard.sh**
|
||||
|
||||
现在按下 ctrl-o 打开保存功能,然后点击回车保存你的 crontab。最后,按下 ctrl-x 退出程序。从现在起,你的剪贴板的使用寿命为一分钟。
|
||||
|
||||
至于上面的 cron 条目。。。cron 有环境变量的限制,当它失败时,你可能要花一整天试着一百种方法来解决它。发现[快速修复][5]建议设置 DISPLAY,且没有更多的麻烦。感谢 [Mike Q][6] 的贡献。
|
||||
|
||||
现在,你可能会去粘贴你复制的东西,当剪贴板被清空,没有找到任何东西,但它是一个小的价格,支付的安全碰撞它给你。 如果这是一个问题,您可以配置cron以任何适合您的间隔运行作业。 Ubuntu和kin的说明在[这个] [7]页。
|
||||
|
||||
我希望这个教程能帮助你把剪贴板锁定下来 - 如果你有可以工作的脚本或者更好的方法,欢迎来做评论。
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.darrentoback.com/your-computer-s-clipboard-is-a-security-problem-fix-it-in-linux-with-xsel-and-cron
|
||||
|
||||
作者:[dmt][a]
|
||||
译者:[geekpi](https://github.com/geekpi)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:https://www.darrentoback.com/about-me
|
||||
[1]:https://github.com/astrand/xclip
|
||||
[2]:https://en.wikipedia.org/wiki/Cron
|
||||
[3]:https://github.com/astrand/xclip
|
||||
[4]:https://en.wikipedia.org/wiki/Cron
|
||||
[5]:https://stackoverflow.com/questions/14296911/when-linux-system-calls-scripts-some-commands-dont-work-cron-if-up-d/24070707#24070707
|
||||
[6]:https://stackoverflow.com/users/1618630/mike-q
|
||||
[7]:https://help.ubuntu.com/community/CronHowto
|
||||
Loading…
Reference in New Issue
Block a user