[tor-bugs] #32766 [Applications/Tor Browser]: Data leak on Tor Browser on Linux via middle mouse paste

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 16 18:26:36 UTC 2019

#32766: Data leak on Tor Browser on Linux via middle mouse paste
 Reporter:  cypherpunks               |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  High                      |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Major                     |     Resolution:
 Keywords:  data leak                 |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:

Comment (by Thorin):

 Do you mean this one?
 - https://github.com/ghacksuserjs/ghacks-user.js/issues/735
 - https://github.com/ghacksuserjs/ghacks-
 - upstream: https://bugzilla.mozilla.org/1528289
 - note: clipboard events (`dom.event.clipboardevents.enabled` referenced
 as 2402 below) are enabled in TB Windows but I'm not sure about Linux

 /* 2403: disable middlemouse paste leaking clipboard content on Linux
 after autoscroll
  * Defense in depth if clipboard events are enabled (see 2402)
  * [1] https://bugzilla.mozilla.org/1528289 */
 user_pref("middlemouse.paste", false); // [DEFAULT: false on Windows]

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32766#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list