On 8/10/19 5:12 AM, 799 wrote:
Hello,
Jon deps mailto:yreb...@riseup.net>> schrieb am
Mi., 3. Juli 2019, 22:30:
am curious if anyone actually does this , and how or would it make
any sense instead to use a static sys-firewall , if I
just have the default sys-firewall (which
799:
> What would be the better choice regarding attack surface:
> disposable netvm+firewallvm vs. mirage-firewall?
You still need a netvm with Mirage, but smallest attack surface alone is
disposable netvm + Mirage. "Disposable" doesn't increase or decrease
attack surface, though. It helps
Hello,
Jon deps schrieb am Mi., 3. Juli 2019, 22:30:
> am curious if anyone actually does this , and how or would it make any
> sense instead to use a static sys-firewall , if I
> just have the default sys-firewall (which might be easier because
> there would not be a need for the PCI setup
Jon deps:
> https://www.qubes-os.org/doc/disposablevm-customization/#using-static-disposablevms-for-sys-
>
>
>
> I can't really understand what the differences would be with a static
> dispvm (based on a dispvm-template) vs just a regular sys-net
>
> if nothing is disposed (static) isn't
am curious if anyone actually does this , and how
or would it make any sense instead to use a static sys-firewall , if I
just have the default sys-firewall (which might be easier because
there would not be a need for the PCI setup ?each time)
