From 85b5dcae9579a5c3ed5973bd95ea1ba5c107d921 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Fri, 19 Sep 2014 11:02:01 -0300
Subject: Xinput and clipboard isolation

---
 README.md | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index fa64c86..f022c50 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,25 @@
-Scripts: vbox
-=============
+VirtualBox Wrapper
+==================
 
-This is the vbox repository.
+Wrapper to provide easy to use GUI isolation.
+
+Xinput and clipboard isolation
+------------------------------
+
+VirtualBox offers some protections agains inherent insecurities on X server
+architecture[1] but not as tough as [Qubes](https://qubes-os.org) or maybe
+how [Subgraph](https://subgraph.com/sgos/index.en.html) is planning.
+
+It's still possible to sandbox applications using VirtualBox and have some level
+of protection while having a slightly simple setup if you can't migrate to Qubes:
+
+  1. Clipboard sharing: you can entirelly disable this feature or have just
+     the hability to copy content from the VM to the host X session.
+
+  2. Xinput isolation: by my early testings, VirtualBox provides xinput isolation
+     as the guest can just capture events when the guest window is focused. But this
+     needs further research.
+
+References:
+
+* [1](http://theinvisiblethings.blogspot.com.br/2011/04/linux-security-circus-on-gui-isolation.html).
-- 
cgit v1.2.3