On Wednesday, June 28, 2017 at 4:21:36 PM UTC-4, Chris Laprise wrote: > On 06/28/2017 12:19 PM, [email protected] wrote: > > Thanks, and point taken on not focusing on security implications. > > > > I found a thread from last year where some third-party devs are concerned > > about the implications of letting qvm-run -p run wild: > > > > https://github.com/SietsevanderMolen/i3-qubes/issues/15 > > > > It's a good idea, but I think I'm looking for a more secure solution - if > > it's out there. > > > > IIUC, having dom0 parse the file list is whats worrying you? Otherwise, > passing data through dom0 (no parsing) should be considered secure. > > You can have dom0 pipe between machines like so: > qvm-run -p sys-net "tar -cf - /etc/NetworkManager/system-connections" | > qvm-run -p sys-net-profiles "tar -xf -" > > This entails a small amount of risk to the profiles VM (because tar file > is parsed there), but not to dom0. > > -- > > Chris Laprise, [email protected] > https://twitter.com/ttaskett > PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
So in this case, sys-net could return whatever malicious file it desired, it would be passed through dom0 one character at a time without absolutely no interpretation, ending up at the destination VM? Or would dom0 collect the entire text of the file, and then pipe it in one piece to the destination VM? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/61e35a4f-70be-4fd9-b53b-42a1cccfecf5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
