On Fri, Dec 23, 2016 at 7:35 PM, Nicklaus McClendon
wrote:
> On 12/23/2016 07:09 PM, Jean-Philippe Ouellet wrote:
>>> If you can't access dom0, qrexec is default allowed,
>>
>> Uhh What? Can you elaborate?
>
> qrexec usage is normally defined by an RPC. This RPC has a policy,
> either allow, d
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 12/23/2016 07:09 PM, Jean-Philippe Ouellet wrote:
>> If you can't access dom0, qrexec is default allowed,
>
> Uhh What? Can you elaborate?
qrexec usage is normally defined by an RPC. This RPC has a policy,
either allow, deny, or ask. My unde
On Friday, December 23, 2016 at 6:41:27 PM UTC-5, Jean-Philippe Ouellet wrote:
> On Fri, Dec 23, 2016 at 6:10 PM, wrote:
> > but if its sole purpose is just being a server then who even cares if dom0
> > is compromised or not?
>
> I strongly disagree.
> 1) If your server performs more than one
On Fri, Dec 23, 2016 at 6:04 PM, Nicklaus McClendon
wrote:
> I'm intrigued. How is qrexec utilized?
Something which I have not set up yet, but intend to soon, is a split
email server model, where the MTA and MDA are in separate VMs, and
incoming mail is delivered over qrexec. This would have the
On Fri, Dec 23, 2016 at 6:10 PM, wrote:
> but if its sole purpose is just being a server then who even cares if dom0 is
> compromised or not?
I strongly disagree.
1) If your server performs more than one purpose, having strong trust
boundaries as (attempted to be) provided by Xen is still very
)
but if its sole purpose is just being a server then who even cares if dom0 is
compromised or not? might as well just use xenserver. if you talking about
hosting something on your home desktop i guess thats a different story. I would
use a cloud instead imo lol.
--
You received this messa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 12/23/2016 05:18 PM, Jean-Philippe Ouellet wrote:
> ... except with decent dom0 disaggregation working out of the box,
> and I'm personally making good use of qrexec in a server context
> as well.
>
> Securely accessing dom0 remotely is left as
On Thu, Dec 22, 2016 at 10:39 PM, Marek Marczykowski-Górecki
wrote:
> On Thu, Dec 22, 2016 at 12:41:25PM -0800, stevenwinderl...@gmail.com wrote:
>> I thought about the fact if its possible to use Qubes OS as a Server OS for
>> example for shared hosting or for application servers,etc.
>
> Most Q
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Thu, Dec 22, 2016 at 12:41:25PM -0800, stevenwinderl...@gmail.com wrote:
> I thought about the fact if its possible to use Qubes OS as a Server OS for
> example for shared hosting or for application servers,etc.
>
> You could basically use Templ
I thought about the fact if its possible to use Qubes OS as a Server OS for
example for shared hosting or for application servers,etc.
You could basically use Template VMs and start AppVMs running the needed
softwares for example on a shared hosting system.
Would something in this direction eve
10 matches
Mail list logo