[prev in list] [next in list] [prev in thread] [next in thread] 

List:       qubes-devel
Subject:    Re: [qubes-devel] DispVM design decisions for Qubes 4.0
From:       Joanna Rutkowska <joanna () invisiblethingslab ! com>
Date:       2016-05-18 10:58:46
Message-ID: 20160518105846.GF16382 () work-mutt
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Tue, May 17, 2016 at 02:41:18PM +0200, Marek Marczykowski wrote:
> On Tue, May 17, 2016 at 02:20:07PM +0200, Joanna Rutkowska wrote:
> > On Tue, May 17, 2016 at 01:57:47PM +0200, Marek Marczykowski wrote:
> > > Selecting srcvm as the DispVM template will have undesired effect: that
> > > DispVM will have (read-only) access to srcvm private image. Not
> > > something we want...
> > > 
> > 
> > Right, good point. Anyway, I still think we should go for the "inherit only from
> > the DispVM template" option.
> 
> Ok.
> 
> So, I think this will be enough for new DispVM implementation. To
> summarize:
> 
> 1. Modify qrexec policy to allow express "DispVM based on X", not only
> "DispVM" by adding "$dispvm:vmname" option. Have "$dispvm" mean "default
> DispVM", not "any DispVM".
> 
> 2. Move target VM choice from calling VM to dom0, based on qrexec policy
> and user choice (https://github.com/QubesOS/qubes-issues/issues/910)
> 
> 2a. (optional for 4.0?) Add ability to specify default target VM for
> given service and source VM.
> 
> 3. Inherit all the VM settings from DispVM base VM, instead of calling
> VM (including label and netvm)
> 
> Related:
> 
> 4. Implement qubes.OpenURL service
> (https://github.com/QubesOS/qubes-issues/issues/1487)
> 

Sounds about right. Also adding Wojtek.

joanna.
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJXPErlAAoJEDOT2L8N3GcYAZcP/2GjBb22rVv09B0rqobO71gf
bC9FoTaqvOKfD6McvQwmA1a/ojlMgM9XkU4AT2Pe2Z1jrxUjJtd6NJeDf3cZDNXD
5eW/rjQtAqvRP/urQUmFRhK7sU/LAhBh3d+xki1I8zfAfTFDX4gnSpRK5ZgyMuSN
S9XXmPgmFakqkpXvUjUYPvEq47Z7mEnvhS0NZkZ/ItgzG7wnPLgER7I5iPUeLnM6
kn4sFXy4HbCTWedsDNeBgJ2s5lk0gE+6sANnLaXSRLog7QhtngwWtb5KNvHDMAJW
3/g4cPjqVjJDh5gaT2BjzJgDB+dAagczbgyYGI4gNXbQ3M7M3spgiqZTbtWPOkMd
4Bcy6M40wp9ktzoy8KXWXiifNlplk5sbng8fGuwQw9S8P8u59oL/tWL/uN70xptc
T/x85an4kzy08rsMQkenIeiD7yfBnT/H0XQZ2aARPlIVm+tik8hk6yMpBFQkCf2y
3/jL1CJL2hBnp4fnutTT5DiHwEtODdPMp3nwer4U/I4ohxWq2Zgj3F8jbxCrgBgs
l7CtqAhe1dktGAfK5kbjHHDMEETAie/tB0a/MbJLJ1UtA1PzoclUEF4p8lUkTlDW
fXqhXsGXEx+eJsZ0zbhaUQicALwFXzbFF2ZQPUCVBplyYr3d0hKqasI7JoB1OUL5
Ic01SRvyCuMKhg7ADoAm
=LC6A
-----END PGP SIGNATURE-----

-- 
You received this message because you are subscribed to the Google Groups \
"qubes-devel" group. To unsubscribe from this group and stop receiving emails from \
it, send an email to qubes-devel+unsubscribe@googlegroups.com. To post to this group, \
send email to qubes-devel@googlegroups.com. To view this discussion on the web visit \
https://groups.google.com/d/msgid/qubes-devel/20160518105846.GF16382%40work-mutt. For \
more options, visit https://groups.google.com/d/optout.


[prev in list] [next in list] [prev in thread] [next in thread]