Actually, not saving state is not a security feature per se*. It is a consequence of template-based VM design.
The root filesystem of a template-based VM is cloned from the template on boot. This allows performing updates of many VMs at once by updating just one TemplateVM. There is however a filesystem for storing some state (typically mounted at /rw). If it was a security feature, it would be quite weak. On typical OSes, the attacker has plenty of places where they can drop/hook a malware, for example .bashrc and /rw/config/rc.local. If you want to store something in other directories than /home, /usr/local and similar, you can: a. Extend the list of persisted directories: https://www.qubes-os.org/doc/bind-dirs/ b. Create a Standalone VM. This allows you full control of the VM, but it will take more space and you won't be able to update it just by updating its template. Regards, Vít Šesták 'v6ak' *) Well, it can improve security by making administration easier. Without that, it would be easy to make some infrequently-used VM outdated. When you would start the VM after some time, you would risk various attacks sooner or lated. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4c9b2123-86a5-4c55-859d-f9c10708757c%40googlegroups.com.
