On Sun, April 15, 2018 8:41 pm, Chris Laprise wrote:
> On 04/15/2018 04:05 PM, Chris Laprise wrote:
>
>> On 04/15/2018 03:51 PM, Chris Laprise wrote:
>>
>>> Project link: https://github.com/tasket/Qubes-VM-hardening
>>>
>>
>> TL;dr : This closes the obvious loopholes that malware can use in Qubes
On 04/15/2018 04:05 PM, Chris Laprise wrote:
On 04/15/2018 03:51 PM, Chris Laprise wrote:
Project link: https://github.com/tasket/Qubes-VM-hardening
TL;dr : This closes the obvious loopholes that malware can use in Qubes
AppVMs to escalate privileges, _impersonate_ real apps (to steal
On 2018-04-16 01:05, Chris Laprise wrote:
On 04/15/2018 03:51 PM, Chris Laprise wrote:
Project link: https://github.com/tasket/Qubes-VM-hardening
TL;dr : This closes the obvious loopholes that malware can use in
Qubes AppVMs to escalate privileges, impersonal real apps (to steal
credentials),
On 04/15/2018 03:51 PM, Chris Laprise wrote:
Project link: https://github.com/tasket/Qubes-VM-hardening
TL;dr : This closes the obvious loopholes that malware can use in Qubes
AppVMs to escalate privileges, impersonal real apps (to steal
credentials), and persist after shutdown/restart.
Leverage Qubes template non-persistence to fend off malware. Lock-down,
quarantine and check contents of /rw private storage that affect the VM
execution environment.
vm-boot-protect.service:
* Acts at VM startup before private volume /rw mounts
* User: Protect /home desktop & shell