Aaron Rainbolt

I don't understand how it's possible that the Codecov coverage reduction can be related to this PR, unless the test suite depends on the startup timing of `qubes-bind-dirs.service` (which I...

@DemiMarie I'm not quite sure how qrexec would help - qrexec runs commands as user `user` (unless there's some setting for choosing the user to run things as that I'm...

@adrelanos, @HW42 This is how I currently think this would be implemented if deleting the config files rather than changing groups: * qvm-services aren't taken into account for TemplateVMs anyway,...

@marmarek Thanks, I looked for those docs for a while and didn't find them last night. Will add that to my bookmarks.

> Note there is quite a bit of overlap with https://github.com/QubesOS/qubes-issues/issues/2695, which IMO is more flexible approach. Hmm... that's true. Perhaps we could just make it a tri-state rather than...

Oh nice! So then the setting in the GUI could just tweak the qrexec policy in dom0?

Test plan: Ensure UI reacts as expected, system installation succeeds, and the installed system is bootable, in all of the following scenarios: * `[x]` Erase disk, no encryption, pre-encrypt off,...

I don't think the EK will help here, this is re**lay** attacks, not re**play** attacks. The tricky thing with this is that only authentic data is being shown to the...

See the quote from the referenced blog article - an attacker can replace a victim's authentic laptop with a malicious one. Theoretically the attacker could then extract TOTP codes from...

I don't think the EK can help here though because the point of a relay attack in this scenario is to fool a user into trusting a malicious device by...