Skip to content

Clipboard Egress Tests (DM-CLIP)

Validate that clipboard operations do not allow data to exit the Secure Sandbox except where explicitly authorized.

Objectives

  • Enforce deny-by-default posture for outbound clipboard.
  • Verify MIME-aware, size-aware, and transform pipelines (e.g., strip formats) behave as expected.
  • Validate imageMegapixels and imageDimensions matchers for image-size-aware clipboard control.
  • Confirm asymmetric direction policies (allow inbound images, deny outbound) work independently.

Preconditions

  • Host and sandbox apps installed (for example, Notepad/WordPad and a test editor in the sandbox).
  • Apply the following baseline policy:
json
{
  "configuration": {
    "launch": {
      "runtime": {
        "dataMotion": {
          "settings": {
            "clipboard": { "enabled": true, "defaultAction": "deny" }
          }
        }
      }
    }
  }
}

Controls Under Test

  • runtime.dataMotion.rules[] with channel: "clipboard" and direction: in|out|both.
  • match.imageMegapixels — megapixel-based image size matching (min/max).
  • match.imageDimensions — pixel width/height matching (width.max, height.max, etc.).

Test Scenarios

IDTest ScenarioProcedureExpected Outcome
DM-CLIP-01Text Block (Outbound)1. Policy: clipboard direction out = deny.
2. App: Copy text "SECRET".
3. Host: Paste.
Pass: Paste buffer is empty or contains stale host data.
DM-CLIP-02File Copy (Outbound)1. Policy: clipboard direction out = deny.
2. App: Copy file secret.docx (Ctrl+C).
3. Host: Paste (Ctrl+V).
Pass: File is not pasted/transferred.
DM-CLIP-03Image vs Text1. Policy: Allow text/plain but deny image/*.
2. App: Screenshot to clipboard (image).
3. Host: Paste.
Pass: Image content is stripped; nothing pastes or text-only fallback appears.
DM-CLIP-04Size Limit Enforcement1. Policy: Allow max 1024 bytes.
2. App: Copy 2KB text block.
3. Host: Paste.
Pass: Operation denied or truncated (depending on config).
DM-CLIP-05Rich Text Sanitization1. Policy: Pipeline builtin.stripFormats (remove RTF/HTML).
2. App: Copy bold/colored text from Word.
3. Host: Paste into WordPad.
Pass: Text pastes as plain text (no formatting).
DM-CLIP-06Inbound Block1. Policy: clipboard direction in = deny.
2. Host: Copy "Malicious Payload".
3. App: Paste.
Pass: Paste buffer is empty or contains stale sandbox data.
DM-CLIP-07Unicode Normalization/Homoglyphs1. Copy text with homoglyphs/surrogates that imply sensitive terms.
2. Host: Paste to DLP-aware editor.
Pass: Normalized or denied per policy; no bypass via character tricks.
DM-CLIP-08Cumulative Rate Limits1. Copy multiple small text chunks over time (e.g., 200 x 64B).
2. Host: Paste/recombine.
Pass: Cumulative quota triggers deny; audit shows cumulativeBytes and rate limit signals.
DM-CLIP-09Image Megapixel Deny (Large)1. Policy: Allow image/* outbound only when imageMegapixels.max: 2.0; deny otherwise.
2. App: Copy a large image (e.g., 3840 × 2160 = 8.3 MP) to clipboard.
3. Host: Paste.
Pass: Paste is denied. Audit: action: "deny", rule.id: "img-large-deny", metrics.image.megapixels: 8.29.
DM-CLIP-10Image Megapixel Allow (Thumbnail)1. Policy: Allow image/* outbound when imageMegapixels.max: 0.25.
2. App: Copy a small icon (e.g., 128 × 128 = 0.016 MP) to clipboard.
3. Host: Paste.
Pass: Image pastes successfully. Audit: action: "allow", metrics.image.megapixels: 0.016.
DM-CLIP-11Image Megapixel Range (Pipeline)1. Policy: Route image/* outbound through process pipeline when imageMegapixels is between 0.25 and 2.0.
2. App: Copy a window screenshot (~1 MP) to clipboard.
3. Host: Paste.
Pass: Pipeline executes (OCR/DLP inspect); outcome depends on inspection result. Audit: action: "process", pipeline step details present.
DM-CLIP-12Image Dimensions Deny (Multi-Monitor)1. Policy: Allow image/* outbound only when imageDimensions.width.max: 2560 and imageDimensions.height.max: 1440.
2. App: Take a dual-monitor screenshot (e.g., 5120 × 1440).
3. Host: Paste.
Pass: Paste is denied. Audit: action: "deny", metrics.image.widthPx: 5120.
DM-CLIP-13Asymmetric Image Direction1. Policy: Allow image/* with direction: "in"; deny image/* with direction: "out" (both at same priority).
2. Host: Copy image, paste into sandbox app.
3. App: Copy image from sandbox, paste on host.
Pass: Step 2 succeeds (inbound allow). Step 3 denied (outbound deny). Audit shows matching direction for each event.
DM-CLIP-14Megapixel + Dimensions Combined1. Policy: Allow image/* outbound when both imageMegapixels.max: 2.0 AND imageDimensions.width.max: 2560.
2. App: Copy a 2400 × 800 image (1.92 MP, within MP limit but within width limit) — should allow.
3. App: Copy a 3000 × 600 image (1.8 MP, within MP limit but exceeds width) — should deny.
Pass: Step 2 allows. Step 3 denies (width exceeded despite MP under threshold). Match fields are logical AND.

Evidence Requirements

  • Audit category: dataMotion with channel: "clipboard", direction, action, outcome.
  • Include rule.id, priority, bytes/items, and classification context where applicable.
  • For image tests (DM-CLIP-09 through DM-CLIP-14): include metrics.image.widthPx, metrics.image.heightPx, metrics.image.megapixels, and metrics.image.format.

Troubleshooting

  • Verify the rule priority and defaultAction posture.
  • Confirm MIME/type detection and size thresholds are configured as intended.

Known Limitations & Negative Space

  • These procedures validate clipboard channels only. They do not cover covert exfiltration via screenshots or OCR; see Screen Capture & Share tests.
  • Clipboard manager behaviors vary by OS and app. Validate both inbound and outbound directions explicitly in your environment.