[ziml77]

macOS actually has these kinds of permissions. The clipboard is still a free-for-all though. I guess that's harder to lock down because it's more than just a simple option of fully allowing or denying access to the clipboard. You would want to be able to paste to any application even if that application can't read the clipboard whenever it wants, but you'd be adding an extra confirmation on every paste if a user doesn't initiate the paste in a way that the OS knows is secure.

[imiric]

I think the solution can be quite simple: allow the user to configure secure channels between apps, sidestepping the main clipboard altogether. So that if e.g. a password manager is configured as source, and the browser as destination, have an option in the password manager to send a password directly to the browser. There would be no intermediary storage like the traditional clipboard, and no typing with a virtual keyboard, just apps communicating directly via a secure mechanism provided by the OS, and configured by the user.

This is already possible by using named pipes on Linux[1], but it has to be built specifically for each app, and anything can go wrong with the implementation. It seems like it would be relatively simple to have this functionality built into the OS.

[1]: https://news.ycombinator.com/item?id=33329561