On 2/22/26 14:32, qubist wrote:
Thank you for the detailed response.
I am confused by your earlier welcoming of reasoned arguments for
changes vs. your total rejection of any changes and any reasoning.
Philosophically speaking, the more you take out, the less useful it is
for the /*majority* /of people.
Reducing the functionality down to the absolute bare minimum that can
just barely run makes it that much more unusable for the vast majority
of people. By the time you get down to the /bare bones/ of a /truly
minimalist system/ there would be too many permutations of /what is
needed/ to make it become useful to others, because */each persons
use-case will be different/*.
Here is an idea, create your ideal minimalist Template and put it out in
the Community Template directory. If someone wants such a highly
constrained template then they can download it from there. Doing this
would be a community service. Collaborate with others if they find it
useful.
Personally I don't want such a tightly constrained Template because it
doesn't actually provide any benefit to me beyond the current minimal
Template that is already available. The size of the footprint on disk is
not that concerning, and security wise if something isn't running and in
memory then it doesn't add anything to the attack surface. Perhaps if
you are concerned with the speed of loading a VM into memory? Bbut that
speed up difference won't be that all much. A few nanoseconds? A faster
machine would help even more.
If someone does break into your /super-minimalist/ /template/ or its
associated AppVM somehow, and then they subsequently discover *three
whole editors*, sorry, the game is already over. You loose. It didn't
matter that you have a few extra binaries sitting around on that drive
volume or not. You are already toast. If there is no editor at all they
will just import one. You see, if your adversary is smart enough to get
into that runtime environment in the first place then they are certainly
smart enough to import whatever binaries they like as long as the disk
volume space allows for it. Maybe not Emacs, but Vim, pico, or micro
will likely fit unless its on a read-only volume with no CoW.
If you want a template without any network interface at all, then have
at it. Without at least a loopback interface it will be pretty much
useless for most people. Publish your Template and wait for the
questions to come on how to use it with zero editors installed. Or
install just one editor, and wait for the questions on why you chose
*THAT* editor.
Bottom line. You can't please everyone. You have to make choices, and
your choices are not going to be the equivalent choices of everyone
else. If you do include enough choices then you please more people, so
its a balance. The Qubes team is just trying to strike that magic
balance by catering to what the most users really need.
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/qubes-devel/434d8a4a-7e26-4734-afea-21ed14fb42e7%40gmail.com.
