I’d like to use qvm-run-vm
from a vault VM to copy a password to a client’s clipboard, as such:
[vault]$ qvm-run-vm client "echo password | xclip -selection clipboard"
Will the password be logged anywhere in the client? For example running that command in a terminal puts in it my .bash_history
(obviously, and with default bash settings).
If I’m understanding the qrexec-internals documentation correctly, the qrexec-fork-server
is what executes the command sent by qvm-run-vm
. If this is correct, does qrexec-fork-server
leave behind any traces of the password? Would the password be exposed to programs that don’t already have access to the clipboard?