15. Sep 2018 00:14 by [email protected] <mailto:[email protected]>:
> On Fri, Sep 14, 2018 at 04:13:53PM -0500, Sven Semmler wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA256 >> >> On 9/14/18 2:16 PM, Matteo wrote: >> > there is a docx in the "documents vm" but you open it in a special >> > vm that allows you to edit it safely (kind of dispvm), all this >> > with just double click. >> >> You can already do this. All you have to do is set the default handler >> in your "documents vm" to use qvm-open-in-dispvm. >> >> You can even go a step further and hook up qvm-open-in-vm via a >> desktop shortcut (to provide an ignored vm parameter) and then change >> the policy in dom0 to always show you the dialog of all VMs to choose >> which one to open it in. >> >> Ivan Mitev explained the details to me back in May: >> https://groups.google.com/d/msg/qubes-devel/0CpN7ol1ZdM/0cBPvwc6CgAJ >> <https://groups.google.com/d/msg/qubes-devel/0CpN7ol1ZdM/0cBPvwc6CgAJ> >> >> So in my setup: >> >> - -> whenever I click a web link I get a dialog and can choose to either >> open a new online dispvm or tor dispvm or open in an already running >> (disp) vm >> >> - -> whenever I open a document I get a dialog and I can choose to open >> in an offline disp vm or an already running offline disp vm >> >> ... in other words: everything I ever open (links and documents) is >> always in a disp vm and I can choose on the fly whether offline, >> online or with TOR. Since changes to a document in a dispvm propagate >> back to the calling VM this also works great for document I work on. >> >> If it wouldn't require customization of the guest vm (the default >> handler and the desktop shortcut), I would promote this to be the >> default behavior. But I should probably write it all up nicely and >> submit to the Qubes documentation. It's really powerful. >> >> Cheers, >> Sven >> >> -----BEGIN PGP SIGNATURE----- >> >> iQIzBAEBCAAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAlucJJIACgkQ2m4We49U >> H7b7nQ/9HGyOn2Z1XWhvquuWAzBQPuJgE85cZ9IKCLK1OwjXpcUnej0/Dwa3jjL8 >> J6g2UVtsRx9/5jt0+tifRzFAlfOuFjvh/R80P335hnc4R+UceLq95dfnFaPFtLZk >> +TelcKnJ5haSIsO/XErKPs+OqA4L5Ukdf7Wym36zIOm5TGU5QnrXHlIYr/Dpyjdt >> sEG3gzk2itnTyEL4GOwK652tqMWHrzkc8ZnYLSmOOOdRCRJy/SCM+DV/DOSHrsvH >> SZr5HpnCVLFWHn8WZ2af7h28g+foautDpsHGDfoU6hC/GU21nmCYKchKWUeuE7jM >> sQCiVTv36MLgFD6WJg3hRZxr0x/T75V0iOAbS5rWZ+IRJaIoOF26ZrskYRfi5I62 >> MaeXgBFCMgvQr01pL6GUMMCrCIu01LViuJT8DsXW0vbxAI34gq1XexaUPaBWZJo5 >> rns+5oIixBUfuvROZPy3vwSKHxKdwFecHWkmVldFHcetnC9Q3rPveSRdAvhkNdQv >> JpiFeCy/3n20cU7yOAJhEhs1xnRA1XH7VhyW6Dn4T1MgHWh74eVaEqQOUyl9Q+J1 >> p8HGONz8zSsPO+o9e+OCa2fMaPA8nfrTo1VjazMP1OmW5xLWedJb915aG+nxEfCy >> ray1zbl2O8nCoOvtOOeJG1NeD7tv46m50Sv3SqbIXUOxS2KfLNs= >> =zISj >> -----END PGP SIGNATURE----- > > You dont say this, but if you use a minimal template for the document > vm, then you minimise the risk of inadvertently opening a file there by > mistake. > You can, in fact, strip out almost any application other than a > qubesopen tool, or pdf and img-convert. > > -- > You received this message because you are subscribed to the Google Groups > "qubes-devel" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to > [email protected] > <mailto:[email protected]>> . > To post to this group, send email to > [email protected] > <mailto:[email protected]>> . > To view this discussion on the web visit > > https://groups.google.com/d/msgid/qubes-devel/20180915001411.7sl6jgcz3azv35g5%40thirdeyesecurity.org > > <https://groups.google.com/d/msgid/qubes-devel/20180915001411.7sl6jgcz3azv35g5%40thirdeyesecurity.org>> > . > For more options, visit > https://groups.google.com/d/optout > <https://groups.google.com/d/optout>> . Something similar is the sd-svs in SecureDrop-on-Qubes, see https://github.com/freedomofpress/securedrop-workstation <https://github.com/freedomofpress/securedrop-workstation> Anyway, it seems like there could be some issues: a) Documents that "link" other documents. For example: html pages that reference locally-downloaded images/css, Inkscape docs with linked images, bash scripts that source other scripts. Unfortunately qvm-open-in-vm currently only copies just one file, so all links are broken in the dispvm. b) Can't save progress. qvm-copy-to-vm only copies back the edits after the VM shuts down, right? So what if the system crashes in the meantime? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/LMQJKiD--3-1%40tutanota.com. For more options, visit https://groups.google.com/d/optout.
