On Wed, Feb 28, 2018 at 09:48:43AM -0800, Yuraeitha wrote: > On Wednesday, February 28, 2018 at 6:38:49 PM UTC+1, Unman wrote: > > On Wed, Feb 28, 2018 at 08:52:07AM -0800, Braden wrote: > > > Performing some modifications to dom0, but when I run apps like wget from > > > dom0 terminal I am unable to resolve addresses. Same if I were to try > > > running firefox from dom0. Know this is because of security benefits, but > > > how can I enable networking from there. Say I wanted to connect to dom0 > > > from a vnc temporarily. > > > > > There's almost never any need to do this. If you want to install > > packages you can use the update mechanism. Otherwise download files in a > > qube and then copy them in to dom0 and install them there. > > If dom0 is compromised then all your qubes are open. > > > > But you probably know this already. > > > > As things stand it's difficult, but not impossible to access dom0. You > > could open a channel to allow vnc to a qube and use socat and an rpc > > service to front to dom0. But really just dont do it: it subverts the > > whole point in using Qubes. > > btw, isn't it possible that he can use the Qubes 4 dom0 admin features to > make changes to VM's from a remote location? Could the solution be to upgrade > to Qubes 4 and use that instead? I haven't yet went discovering/understood > the limitations of the Qubes 4 dom0 admin tools, but isn't this a perfect > match to his goal if he upgrades? Apologies if I misunderstood how the dom0 > admin features work, I haven't started using it my self yet. >
Yes, it is. OP could read this post https://www.qubes-os.org/news/2017/06/27/qubes-admin-api/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180228175017.pagkei4aq3xial7h%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
