-BEGIN PGP SIGNED MESSAGE-
> I am looking for a really secure way to use Qubes for searching not
> only a hard drive for file names, but for text that is in files.
> The goal is to avoid an exploit in the searched files leading to a
> takeover of the hard drive by malware.
> The total size of all my files is too large for me to put them all
> in one qube before searching for text in them.
> Would it perhaps be possible to mount only a single partition of the
> hard drive into a qube, but not with write permissions, only read
Yes, e.g. like this:
$ qvm-block attach --ro destinationvm sys-usb:sda1
Then you can decrypt and mount the read-only /dev/xvdi in the
> I would do the search on command line, using "grep" for plain text
> files, "pdfgrep" for PDFs, and something for table files, databases,
> Is my idea feasible? And how secure would it be?
Sounds fine to me. But malicious content could still exploit the
destination VM, so consider attaching to a DisposableVM (after
switching off its networking).
If your partition is LUKS1 encrypted, Split dm-crypt might be
convenient. Its default behavior is to attach the decrypted partition
to an offline DisposableVM:
$ qvm-block-split attach --ro sys-usb:sda1
 TODO: LUKS2 support
-BEGIN PGP SIGNATURE-
-END PGP SIGNATURE-
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
To view this discussion on the web visit