On Fri, January 12, 2018 11:10 am, 'Tom Zander' via qubes-devel wrote: > The beauty of Linux is that practically all config files are plain-text. > As > such we can make sure with only minimal effort that if we were to > auto-copy config files between qubes that we do not introduce any security > issues. > > The task; > create a setup where each VM has a hidden directory with a git repository > that we will be copying the config files into. Add a new qube which runs > a git server like gitolite. On the server side you need some checks in a > git push- hook that rejects any changes that could be a security issue. > Executable > files, non-text files etc.
Securing this sounds hard, but could the existing update proxy system be utilized for this? -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/49b721c15e2071724f84ebd8198393e5.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.