On Sunday, November 13, 2016 at 7:51:09 PM UTC-8, Manuel Amador (Rudd-O) wrote:
> On 11/12/2016 03:21 AM, Sec Tester wrote:
> > SELinux or AppArmor.
> 
> SELinux would be absofuckinglutely great.  Confined apps like Firefox
> would run much more securely.
> 
> I got one DispVM owned by an attacker at Defcon in 2014.  Isolation was
> nice to have because the machine didn't get owned, but the VM would have
> never been owned if SELinux had been active.
> 
> -- 
>     Rudd-O
>     http://rudd-o.com/

Why not grsecurity/PaX? especially with Qubes 4 switching to HVM (or PVHv2 or 
whatever it's called now), it will apparently work fine.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/afccb992-80b0-4e7c-8f20-bc9d1b3d8c6e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to