> On 2016-08-19 05:11, johnyju...@sigaint.org wrote: >> When I try to run qvm-run from within an AppVM, I get "Request refused." >> >> Is this by design, for security reasons? If so, I guess that's >> perfectly >> reasonable. I just don't see that fact documented anywhere. >> > > Yes, but it's completely user-configurable. You can read all about this > system > here: > > https://www.qubes-os.org/doc/qrexec3/
Sweet! Mainly looking to have Keepass, running in an offline AppVM, to be able to fire up specifically-allowed URL's in a browser in another AppVM, and stuff a password into its clipboard. (So it sounds like I could restrict the qrexec to a custom script in the AppVM that only opens that specific site; and stuffing the clipboard should be pretty benign, too.) If I'm very careful about the permissions, I should be able to keep any risk under control. The qrexec design looks pretty flexible. Thanks! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/89dfd009013139c7caa9ec16a5920efd.webmail%40localhost. For more options, visit https://groups.google.com/d/optout.