I am not sure who wrote:
The other question is when I want to open all links in a DVM (starting a new DVM/browser for every link looks like overkill to me), how can I set APPVMNAME correctly (it will have a name like "disp9474", changing whenever on is started). And can such DVM be started automatically if there is none yet?
You might want to create a named disposable qube... qvm-create --class DispVM --template dvm-template --label red named-dvm... then in the qubes.OpenURL policy file you can append default_target to the ask like so:
$anyvm $dispvm ask,default_target=named-dvm What that does:* named-dvm is just like any other dispvm but you gave it a specific name as opposed to disp123
* when you click a link you still get the policy dialog, but the named dispvm is preselected
... I used to do that, but then decided that I want the extra security of having a new disp vm for each link. I am sometimes tired or distracted and want to have as many automatic safety in place as I can to prevent information leakage.
Also: even though it is slightly inconvenient I strongly recommend to have Javascript disabled by default (NoScript, Torbrowser on 'safest', etc). This way you can still enable it if you decide you need it, but nothing happens by default.
/Sven -- public key: https://www.svensemmler.org/0x8F541FB6.asc fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/737d801b-5242-5445-eaf7-e04ab7db792d%40SvenSemmler.org.
OpenPGP_signature
Description: OpenPGP digital signature
