On December 25, 2021 10:37:04 PM GMT+01:00, mm wrote:
>
>On 12/25/21 21:16, Manuel Amador (Rudd-O) wrote:
>>
>> Honestly if I were directing the project I would set up a Plone instance,
>> and use its excellent i18n to write docs. Additionally, if wanted, I would
Honestly if I were directing the project I would set up a Plone instance, and
use its excellent i18n to write docs. Additionally, if wanted, I would set up
two way sync between a github repo and the site. Ask me for more details if
interested.
--
You received this message because you are
On 16/12/2021 23.54, Hugo V.C. wrote:
"is single user in each VM because it is assumed that the kernel is
not trustworthy."
Can you elaborate it a bit? I don't get what you mean. Are you
assuming that compromising a jailed an unprivileged web browser is the
same as running it as root?
In
On December 16, 2021 8:25:19 AM GMT+01:00, Hugus Maximus
wrote:
>
>Hi all,
>
>I just published document discussing some well known security limitations
>of Qubes OS:
>
>https://www.pentest.es/Demystifying_QubesOS_Security.pdf
I will review it.
That said, the security model of Qubes is
On 16/12/2021 01.07, Marek Marczykowski-Górecki wrote:
Here is how qrexec policy prompt is doing it:
https://github.com/QubesOS/qubes-core-qrexec/blob/master/qrexec/tools/qrexec_policy_exec.py#L64-L112
Bad news, I did not understand any of that code. :-(
Just to see if I understand at least
On 16/12/2021 01.07, Marek Marczykowski-Górecki wrote:
If going with standard qrexec prompt (+#5853), you'd get that for free;)
Otherwise, you need a qrexec service that calls into GUI domain to do
the prompt (and then validate its output to really allow only the thing
that was asked about, not
Prefacing this response with:
I went with the implementation as designed by the document. In the
future I will revise argument passing to use the new 4.1 style, instead
of base64 over pipes. Currently the implementation uses a custom-made
dialog — a very nice one, if I do say so myself — in
Hello, folks.
A new version of Qubes shared folders has been released.
https://github.com/Rudd-O/qubes-shared-folders
The main highlight of this version is a revamped security model that
allows the user to securely delegate folder access permissions to
specific pairs of qubes, either as a
Information, suggestions, critiques, and patches welcome!
On 13/12/2021 06.58, Manuel Amador (Rudd-O) wrote:
Hi folks.
I wrote the Qubes shared folders service in an afternoon. It is what
it is -- useful, but not ideal.
I've come up with a design for an improved version that I would like
you
Hi folks.
I wrote the Qubes shared folders service in an afternoon. It is what it
is -- useful, but not ideal.
I've come up with a design for an improved version that I would like you
to review for correctness and to see if it could be implemented better.
I think this design has
Hello, kind folks!
I am done making changes and testing the new releases of ansible-qubes
(which includes bombshell-client to run shell commands across VMs) and
Qubes network server. The master branches of both projects are now
compatible with Qubes 4.1 and work correctly as expected.
*
Good point. Syntax may actually be a dict instead of a list of enabled ones,
with the values of the dict being booleans for configuring yes/no to the menu
entry.
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group
Is there anything else you guys would recommend me to look at? Any
resources?
IIRC Mutter is programmable via JavaScript. It should be doable to
select a window border color by looking at the correct window manager
hint and then telling Mutter to paint the border of a window a color
that
Good news. Branch
* https://github.com/Rudd-O/qubes-network-server/tree/r4.0
is now updated to include the admin code as a dom0 add-on package, using
the Qubes extension mechanisms.
Please, please, help me with a review of the code!
I will now close the pull requests I opened against the
On 14/04/2020 01.29, Marek Marczykowski-Górecki wrote:
>
> I see all you do is to react to some events and update qubesdb then. We
> have specific API that allows you to do that from a 3rd-party extensions.
> You can find documentation here (see also other about 'qubes' module,
> but you got that
Folks,
Given my own need to update my own machines, I've updated the Qubes
network server code to work with 4.0 (and, soon, beyond 4.0).
Unlike the previous iteration (which used /qrexec/ to set things up in
NetVMs and AppVMs), this code re-scopes the feature to be limited to
network-exposing
On 26/06/2019 09.50, Rusty Bird wrote:
>
> So this would not cause data loss.
>
> But there are bound to be some serious data loss bugs in 'file' - the
> worst that I know of is that cloning or backing up a running VM will
> likely result in corrupted data (in the destination), because those
>
Folks,
I haven't been able to understand the codebase for the "file" storage
pool very well.
At which point in the lifetime of a VM do changes get merged down from
the COW private.img to the base private img?
If my machine crashes, what prevents the data in the COW private.img
from being lost
On 2018-04-23 10:41, Ivan Mitev wrote:
> Hi,
>
> In 4.0, when creating an AppVM based on a TemplateVM, is it expected
> that none of the new VM's prefs are copied from the template VM ?
>
> For instance: (test2 is a TemplateVM)
>
> qvm-prefs test2 kernel -> ''
> qvm-prefs test2 virt_mode -> 'hvm'
Jasper Tron
>- - Jeepler
>- - Jon Griffiths
>- - Mario Geckler
>- - Michal Rostecki
>- - Nicklaus McClendon
>- - Olivier Médoc
>- - o
>- - Patrick Schleizer
>- - Joonas Lehtonen
>- - qubesuser
>- - Manuel Amador (Rudd-O)
>- - Rusty Bird
>- - ttasket
>- - Unman
>
On 12/05/2016 02:50 AM, Marek Marczykowski-Górecki wrote:
>
> There are also still a couple of rough edges during installation/first
> run. For
> example "LVM thin" storage should be used, but currently it needs to be
> selected manually (using custom partitioning option). And depending on
> the
On 11/11/2016 11:57 PM, Trammell Hudson wrote:
> On Sat, Nov 12, 2016 at 12:47:22AM +0100, Marek Marczykowski-Górecki wrote:
>> [...] But in anyone need something newer than 4.4.x
>> for some hardware support - here it is.
> That's great -- I've been struggling to get the power consumption
> on
On 11/04/2016 12:07 PM, Ivan wrote:
>
>
> Seconded - there should really be a way to test hardware compatibility
> before installing.
A menu entry right under "Test and install the image" during the
installer GRUB boot?
That would be very nice, actually. Donno what the menu entry should do,
but
On 11/03/2016 08:13 PM, Marek Marczykowski-Górecki wrote:
> Hi,
> [...]
> So, now the question - do we want to keep launching Xen for
> installation, or launch just plain Linux?
You're asking us about something whose answer you already know.
And we agree with you.
If there is no security
On 10/28/2016 11:28 AM, Trammell Hudson wrote:
> I'm not sure if this issue affects anyone else, but the /etc/crypttab in
> initramfs does not have entries for extra partitions that were created
> during installation. It only has / and swap.
>
> Since I'm configuring / to be read only, I have a
On 10/28/2016 01:48 PM, HW42 wrote:
> Marek Marczykowski-Górecki:
> [...]
> > I see. The server part is much more critical, so it's ok to have as it
> > is now. Actually my solution also pass the data manually on the
> client side
> > - but it uses "cat" for this:
>
> > (echo $GIT_EXT_SERVICE
On 10/28/2016 01:48 PM, HW42 wrote:
> Marek Marczykowski-Górecki:
> [...]
> > I see. The server part is much more critical, so it's ok to have as it
> > is now. Actually my solution also pass the data manually on the
> client side
> > - but it uses "cat" for this:
>
> > (echo $GIT_EXT_SERVICE
On 10/28/2016 10:51 AM, cyrinux wrote:
> Le jeudi 27 octobre 2016 13:47:14 UTC+2, Manuel Amador (Rudd-O) a écrit :
>> It gives me great pleasure to announce the inter-VM Git bridge for Qubes
>> OS, which allows you to git push and git pull from VMs stored in other
>> repo
On 10/28/2016 09:17 AM, Marek Marczykowski-Górecki wrote:
> On Fri, Oct 28, 2016 at 04:56:36AM +0000, Manuel Amador (Rudd-O) wrote:
> > On 10/27/2016 01:13 PM, Marek Marczykowski-Górecki wrote:
> >> On Thu, Oct 27, 2016 at 11:47:04AM +0000, Manuel Amador (Rudd-O) wrote:
>
On 10/27/2016 01:13 PM, Marek Marczykowski-Górecki wrote:
> On Thu, Oct 27, 2016 at 11:47:04AM +0000, Manuel Amador (Rudd-O) wrote:
> > It gives me great pleasure to announce the inter-VM Git bridge for Qubes
> > OS, which allows you to git push and git pull from VMs stored in
On 10/27/2016 11:32 AM, Marek Marczykowski-Górecki wrote:
> On Thu, Oct 27, 2016 at 01:31:21PM +0200, Marek Marczykowski-Górecki
> wrote:
> > Hi,
>
> > If anyone is curious, I've uploaded example test results:
> > https://ftp.qubes-os.org/~marmarek/tests-r3.2-20161025.html
> > and original text
I filed a ticket about it a long time ago and then made a fix today:
https://github.com/QubesOS/qubes-core-agent-linux/pull/20
--
Rudd-O
http://rudd-o.com/
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group
Folks, it gives me great pleasure to announce the product of over two
years of work (primarily because I never paid enough attention to this
project to bring it to completion): Qubes network server.
The traditional Qubes OS networking model contemplates a client-only use
case. User VMs (AppVMs or
Hello. I just did an update, rebooted, and now my window borders do not
have the VM's colors. The prefix on the window title is correct tho.
What gives?
--
Rudd-O
http://rudd-o.com/
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
34 matches
Mail list logo
