On Thursday, 21 December 2017 19:02:23 CET Unman wrote: > This helps protect against user error - for example, opening a browser in > Template by mistake, and using it to browse the web.
A separate thought occured to me, if Qubes is worried about users misusing templates, I'd argue that free sudo-access should be removed from templates so you benefit from standard user protection. In other words, you'd need a privilege escalation to compromise your template. While today the bar is much much lower. Naturally, an AppVM based on a template would have to have full sudo access. What do people think about this? -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4630734.vq5SLFKYRq%40strawberry. For more options, visit https://groups.google.com/d/optout.
