Appearance
Clipboard Egress Tests (DM-CLIP)
Validate that clipboard operations do not allow data to exit the Secure Sandbox except where explicitly authorized.
Objectives
- Enforce deny-by-default posture for outbound clipboard.
- Verify MIME-aware, size-aware, and transform pipelines (e.g., strip formats) behave as expected.
- Validate
imageMegapixelsandimageDimensionsmatchers for image-size-aware clipboard control. - Confirm asymmetric direction policies (allow inbound images, deny outbound) work independently.
Preconditions
- Host and sandbox apps installed (for example, Notepad/WordPad and a test editor in the sandbox).
- Apply the following baseline policy:
json
{
"configuration": {
"launch": {
"runtime": {
"dataMotion": {
"settings": {
"clipboard": { "enabled": true, "defaultAction": "deny" }
}
}
}
}
}
}Controls Under Test
runtime.dataMotion.rules[]withchannel: "clipboard"anddirection: in|out|both.match.imageMegapixels— megapixel-based image size matching (min/max).match.imageDimensions— pixel width/height matching (width.max,height.max, etc.).
Test Scenarios
| ID | Test Scenario | Procedure | Expected Outcome |
|---|---|---|---|
| DM-CLIP-01 | Text Block (Outbound) | 1. Policy: clipboard direction out = deny.2. App: Copy text "SECRET". 3. Host: Paste. | Pass: Paste buffer is empty or contains stale host data. |
| DM-CLIP-02 | File Copy (Outbound) | 1. Policy: clipboard direction out = deny.2. App: Copy file secret.docx (Ctrl+C).3. Host: Paste (Ctrl+V). | Pass: File is not pasted/transferred. |
| DM-CLIP-03 | Image vs Text | 1. Policy: Allow text/plain but deny image/*.2. App: Screenshot to clipboard (image). 3. Host: Paste. | Pass: Image content is stripped; nothing pastes or text-only fallback appears. |
| DM-CLIP-04 | Size Limit Enforcement | 1. Policy: Allow max 1024 bytes.2. App: Copy 2KB text block. 3. Host: Paste. | Pass: Operation denied or truncated (depending on config). |
| DM-CLIP-05 | Rich Text Sanitization | 1. Policy: Pipeline builtin.stripFormats (remove RTF/HTML).2. App: Copy bold/colored text from Word. 3. Host: Paste into WordPad. | Pass: Text pastes as plain text (no formatting). |
| DM-CLIP-06 | Inbound Block | 1. Policy: clipboard direction in = deny.2. Host: Copy "Malicious Payload". 3. App: Paste. | Pass: Paste buffer is empty or contains stale sandbox data. |
| DM-CLIP-07 | Unicode Normalization/Homoglyphs | 1. Copy text with homoglyphs/surrogates that imply sensitive terms. 2. Host: Paste to DLP-aware editor. | Pass: Normalized or denied per policy; no bypass via character tricks. |
| DM-CLIP-08 | Cumulative Rate Limits | 1. Copy multiple small text chunks over time (e.g., 200 x 64B). 2. Host: Paste/recombine. | Pass: Cumulative quota triggers deny; audit shows cumulativeBytes and rate limit signals. |
| DM-CLIP-09 | Image Megapixel Deny (Large) | 1. Policy: Allow image/* outbound only when imageMegapixels.max: 2.0; deny otherwise.2. App: Copy a large image (e.g., 3840 × 2160 = 8.3 MP) to clipboard. 3. Host: Paste. | Pass: Paste is denied. Audit: action: "deny", rule.id: "img-large-deny", metrics.image.megapixels: 8.29. |
| DM-CLIP-10 | Image Megapixel Allow (Thumbnail) | 1. Policy: Allow image/* outbound when imageMegapixels.max: 0.25.2. App: Copy a small icon (e.g., 128 × 128 = 0.016 MP) to clipboard. 3. Host: Paste. | Pass: Image pastes successfully. Audit: action: "allow", metrics.image.megapixels: 0.016. |
| DM-CLIP-11 | Image Megapixel Range (Pipeline) | 1. Policy: Route image/* outbound through process pipeline when imageMegapixels is between 0.25 and 2.0.2. App: Copy a window screenshot (~1 MP) to clipboard. 3. Host: Paste. | Pass: Pipeline executes (OCR/DLP inspect); outcome depends on inspection result. Audit: action: "process", pipeline step details present. |
| DM-CLIP-12 | Image Dimensions Deny (Multi-Monitor) | 1. Policy: Allow image/* outbound only when imageDimensions.width.max: 2560 and imageDimensions.height.max: 1440.2. App: Take a dual-monitor screenshot (e.g., 5120 × 1440). 3. Host: Paste. | Pass: Paste is denied. Audit: action: "deny", metrics.image.widthPx: 5120. |
| DM-CLIP-13 | Asymmetric Image Direction | 1. Policy: Allow image/* with direction: "in"; deny image/* with direction: "out" (both at same priority).2. Host: Copy image, paste into sandbox app. 3. App: Copy image from sandbox, paste on host. | Pass: Step 2 succeeds (inbound allow). Step 3 denied (outbound deny). Audit shows matching direction for each event. |
| DM-CLIP-14 | Megapixel + Dimensions Combined | 1. Policy: Allow image/* outbound when both imageMegapixels.max: 2.0 AND imageDimensions.width.max: 2560.2. App: Copy a 2400 × 800 image (1.92 MP, within MP limit but within width limit) — should allow. 3. App: Copy a 3000 × 600 image (1.8 MP, within MP limit but exceeds width) — should deny. | Pass: Step 2 allows. Step 3 denies (width exceeded despite MP under threshold). Match fields are logical AND. |
Evidence Requirements
- Audit category:
dataMotionwithchannel: "clipboard",direction,action,outcome. - Include
rule.id,priority,bytes/items, and classification context where applicable. - For image tests (DM-CLIP-09 through DM-CLIP-14): include
metrics.image.widthPx,metrics.image.heightPx,metrics.image.megapixels, andmetrics.image.format.
Troubleshooting
- Verify the rule priority and
defaultActionposture. - Confirm MIME/type detection and size thresholds are configured as intended.
Known Limitations & Negative Space
- These procedures validate clipboard channels only. They do not cover covert exfiltration via screenshots or OCR; see Screen Capture & Share tests.
- Clipboard manager behaviors vary by OS and app. Validate both inbound and outbound directions explicitly in your environment.
