On Thursday, 6 August 2020 17:36:05 UTC+8, Chris Laprise wrote:
> IIRC she gave some indication that guest VMs shouldn't be defenseless
> internally.
>
> --
> Chris Laprise, [email protected]
> https://github.com/tasket
> https://twitter.com/ttaskett
> PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886

Found it!

There might be potential attacks against the hypervisor or daemons/backends in dom0 that require root access. Qubes founder Joanna Rutkowska initially assessed there was limited benefit from isolating the root account from the user account, because all user data is already accessible from the latter <https://www.qubes-os.org/doc/vm-sudo/#passwordless-root-access-in-VMs> [archive] <https://web.archive.org/web/https://www.qubes-os.org/doc/vm-sudo/#passwordless-root-access-in-VMs>. However, she later changed her opinion on the matter; see here <https://github.com/QubesOS/qubes-issues/issues/2695#issuecomment-301316132> [archive] <https://web.archive.org/web/https://github.com/QubesOS/qubes-issues/issues/2695#issuecomment-301316132>.

https://www.whonix.org/wiki/Qubes-Whonix_Security#cite_note-11
https://web.archive.org/web/20200323113623/https://github.com/QubesOS/qubes-issues/issues/2695#issuecomment-301316132

The Whonix documentation for Qubes is actually generally applicable beyond Whonix--I highly recommend anyone interested in securing their computers look around the Whonix wiki (i.e. basically everyone reading this). The page I linked is a good starting point. Kudos to the Whonix Wiki maintainer.

> My own philosophy (which prompted me to create Qubes-VM-hardening) is that if we're going to have these VMs running regular OSes, they should at least have their normal security or some equivalent intact. And also that the combination of normal security and Qubes security should yield extra benefits, which I think Qubes-VM-hardening does.

This is what baffles me about some people's mindsets--if they prize security so much that they take the time and trouble to install and learn Qubes --no small feat for most of us-- why not go a bit further and batten down the hatches of their VMs? It's usually a one-time investment that requires little to no maintenance with a huge payoff with regard to their goal (which I presume is secure computing).

Kudos to you for making this process a heck of a lot easier for non-technical people, like me.

--
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/222144ba-abd7-41c8-a68e-2a4aa88dff0eo%40googlegroups.com.
