From qubes-devel Wed May 18 10:58:46 2016 From: Joanna Rutkowska Date: Wed, 18 May 2016 10:58:46 +0000 To: qubes-devel Subject: Re: [qubes-devel] DispVM design decisions for Qubes 4.0 Message-Id: <20160518105846.GF16382 () work-mutt> X-MARC-Message: https://marc.info/?l=qubes-devel&m=146356913506801 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Tue, May 17, 2016 at 02:41:18PM +0200, Marek Marczykowski wrote: > On Tue, May 17, 2016 at 02:20:07PM +0200, Joanna Rutkowska wrote: > > On Tue, May 17, 2016 at 01:57:47PM +0200, Marek Marczykowski wrote: > > > Selecting srcvm as the DispVM template will have undesired effect: that > > > DispVM will have (read-only) access to srcvm private image. Not > > > something we want... > > > > > > > Right, good point. Anyway, I still think we should go for the "inherit only from > > the DispVM template" option. > > Ok. > > So, I think this will be enough for new DispVM implementation. To > summarize: > > 1. Modify qrexec policy to allow express "DispVM based on X", not only > "DispVM" by adding "$dispvm:vmname" option. Have "$dispvm" mean "default > DispVM", not "any DispVM". > > 2. Move target VM choice from calling VM to dom0, based on qrexec policy > and user choice (https://github.com/QubesOS/qubes-issues/issues/910) > > 2a. (optional for 4.0?) Add ability to specify default target VM for > given service and source VM. > > 3. Inherit all the VM settings from DispVM base VM, instead of calling > VM (including label and netvm) > > Related: > > 4. Implement qubes.OpenURL service > (https://github.com/QubesOS/qubes-issues/issues/1487) > Sounds about right. Also adding Wojtek. joanna. -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJXPErlAAoJEDOT2L8N3GcYAZcP/2GjBb22rVv09B0rqobO71gf bC9FoTaqvOKfD6McvQwmA1a/ojlMgM9XkU4AT2Pe2Z1jrxUjJtd6NJeDf3cZDNXD 5eW/rjQtAqvRP/urQUmFRhK7sU/LAhBh3d+xki1I8zfAfTFDX4gnSpRK5ZgyMuSN S9XXmPgmFakqkpXvUjUYPvEq47Z7mEnvhS0NZkZ/ItgzG7wnPLgER7I5iPUeLnM6 kn4sFXy4HbCTWedsDNeBgJ2s5lk0gE+6sANnLaXSRLog7QhtngwWtb5KNvHDMAJW 3/g4cPjqVjJDh5gaT2BjzJgDB+dAagczbgyYGI4gNXbQ3M7M3spgiqZTbtWPOkMd 4Bcy6M40wp9ktzoy8KXWXiifNlplk5sbng8fGuwQw9S8P8u59oL/tWL/uN70xptc T/x85an4kzy08rsMQkenIeiD7yfBnT/H0XQZ2aARPlIVm+tik8hk6yMpBFQkCf2y 3/jL1CJL2hBnp4fnutTT5DiHwEtODdPMp3nwer4U/I4ohxWq2Zgj3F8jbxCrgBgs l7CtqAhe1dktGAfK5kbjHHDMEETAie/tB0a/MbJLJ1UtA1PzoclUEF4p8lUkTlDW fXqhXsGXEx+eJsZ0zbhaUQicALwFXzbFF2ZQPUCVBplyYr3d0hKqasI7JoB1OUL5 Ic01SRvyCuMKhg7ADoAm =LC6A -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscribe@googlegroups.com. To post to this group, send email to qubes-devel@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20160518105846.GF16382%40work-mutt. For more options, visit https://groups.google.com/d/optout.