RE: copy-paste

Mitch Gart (mgart@netegrity.com)
Wed, 14 Apr 1999 13:49:05 -0400

From: Mitch Gart <mgart@netegrity.com>
To: Marianne Mueller <Marianne.Mueller@eng.sun.com>,
Subject: RE: copy-paste
Date: Wed, 14 Apr 1999 13:49:05 -0400

If you do copy-paste on Windows or Solaris, it uses a single
global clipboard which is shared between Java and non-Java
applications and applets. Try it.

I guess if you happened to have some sensitive information
that you had copied from one place to another through the
clipboard, and then you happened to download a Java applet
at just the wrong moment, that applet could change or steal
the information.

I'm personally not worried about this at all but I see Microsoft
is. They throw a SecurityExceptionEx in IE if a user does
copy-paste in an AWT TextArea or TextField, in an applet.
This messes up my applet, and I was wondering if there was
some justification for it. Thanks,

- Mitch
- mgart@netegrity.com

> -----Original Message-----
> From: Marianne Mueller [mailto:Marianne.Mueller@Eng.Sun.COM]
> Sent: Wednesday, April 14, 1999 1:43 PM
> To: java-security@java.sun.com; mgart@netegrity.com
> Subject: Re: copy-paste
>
>
> It seems innocuous as long as an applet can't copy another
> applet's clipping (or another application's.)
>
> What attack are you thinking of?
>