On 10/11/2016 09:47 PM, jan.f...@gmail.com wrote: > Hi, > > is there a way to connect to appvm console directly from qubes login > screen? The reason for doing this is to give access to internet to > other user while not giving him possibility to access anything else, > he will be locked in virtual machine, neither usb copying will be allowed. > What is your opinion on this? What about security issues? > > thanx for advice.
There might be a way to create a special user session that, all it does, is start a VM, connect to its Qubes GUID, and display whatever the session has. No controls, no terminals, no Qubes Manager. You just have to create your session as a script and add it to /usr/share/xsessions. The guest user you are thinking of must be a member of the qubes group, and under no circumstances may your guest session program open any sort of application on dom0. Best of luck. > > jan > > Dňa pondelok, 3. mája 2010 12:33:07 UTC+2 Joanna Rutkowska napísal(-a): > > On 05/01/2010 01:11 AM, Peter Moody wrote: > > Howdy, > > > > I have a somewhat strange use-case; I like to try and use qubes (or > > something like qubes) to protect not only the user applications (and > > appvms) from each other, but as an administrator, I also want to set > > this up so that the user can't bypass my additional policy. > > > > Qubes does not pretend to be a multi-user system. > > We originally discussed some possibilities of creating unprivileged > (multi) user account(s) in Dom0, so that e.g. user Alice didn't have > access to user's Bob's AppVMs. But Rafal immediately came up with a > dozen on of potential attack vectors from such unprivileged user > accounts to system admin (root), that we decided to give up on > this. The > biggest problem here is that the Xen infrastructure, e.g. the Xen > Daemon > (xend)'s management interface, has not been designed to allow for > secure > control of Xen by an unprivileged user. So, there doesn't seem to be a > secure way to e.g. allow user Alice to talk to Xend in order to > control > her VMs, but at the same time to not introduce huge attack surface > that > might let her escalate to root. > > Plus, there are many other avenues for a user that has physical access > to the machine to escalate themselves to root. E.g. they can boot > system > in single user mode (this will be in the future prevented as a side > effect of using Intel TXT trusted boot). Or the user might insert a > Firewire/PCCARD and again gain full control over the system (this will > be in the future prevented via more fine-grained VT-d permissions and > isolated storage domain). > > So, for the above reasons, we currently do not plan to implement > support > for multi-users for Qubes. We just know it cannot be done securely in > the moment. > > We currently try to protect the user from various threats, rather than > protect the system from the user. > > Obviously other OSes, like Windows or Mac, are not any better in terms > of multi-user security. > > joanna. > > -- > You received this message because you are subscribed to the Google > Groups "qubes-devel" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to qubes-devel+unsubscr...@googlegroups.com > <mailto:qubes-devel+unsubscr...@googlegroups.com>. > To post to this group, send email to qubes-devel@googlegroups.com > <mailto:qubes-devel@googlegroups.com>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-devel/e557bb7e-b258-49e2-b3e4-af578614b73e%40googlegroups.com > <https://groups.google.com/d/msgid/qubes-devel/e557bb7e-b258-49e2-b3e4-af578614b73e%40googlegroups.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout. -- Rudd-O http://rudd-o.com/ -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/50c359e3-f8e3-2976-c252-aed5ae8542ba%40rudd-o.com. For more options, visit https://groups.google.com/d/optout.
