Qubes-VM-hardening icon indicating copy to clipboard operation
Qubes-VM-hardening copied to clipboard

Published 20 hours ago verified publisher icon tasket

Default whitelists

Open tasket opened this issue 7 years ago • 1 comments

Candidate whitelist items are commonly-used files such as:

  • Network Manager connections
  • VPN configurations etc.

Maybe included as inactive examples.

tasket avatar Mar 29 '18 14:03 tasket

Please note that a default tagged whitelist for network vms in general will be included in the near future. This can be used whenever you have a network vm that isn't named 'sys-net'.

The path for adding tagged configs is '/etc/default/vms/@tags/tagname'. Any tag can be enabled for a vm by adding a Qubes service 'vm-boot-tag-tagname'. Other than that, tagged configs work just like the existing kind of config.

Any other defaults in the future will probably be added also as tags so they can be re-used on whatever vms the user chooses.

Ref issue #35

tasket avatar Aug 02 '19 21:08 tasket