On Thursday, January 25, 2018 at 1:34:03 AM UTC-8, Vít Šesták wrote: > Dave, why you start a new VM and not just use a loopback? Is the reason > sharing apps from multiple VMs? If si, you are at least significantly > weakening isolation. Maybe you are not keeping any, not sure. X11 was not > designed for isolation at all.
I run the vncserver in a new VM so that I can screenshare from... * multiple app VMs * VMs that can't access the conference site (i.e. bluejeans.com) or can't access the net at all * VMs that don't have vncserver installed, or don't have a plugin needed to screenshare My approach lowers security while screensharing. But the rest of the time, not screensharing, the VMs are running with normal firewall settings. I realize X11 is a weak link in what might be an otherwise secure desktop. One of the reasons I am a fan of Qubes! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b9567fb7-af2f-4e12-8421-21a9ef6168c0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
