But as you’ve said, this has probably been discussed already - however I felt emboldened by @ppc's comment r/e alpine (i.e. they seem to agree alpine is better than fedora).
So I suppose it was more of a question than a statement - in reference to: how different are the libraries of fedora and alpine*?
*(because if they are radically different, then IMHO switching from fedora to alpine is a massive security increase - but of course you will know far better than me the cost of the increase, and hence what the ROI/priority is).
I agree 100%, xen is more important than anything else - so if there’s more to do there I don’t mean to distract you - sorry if I have.
Xen project undergoes a Synopsys Coverity scan which should also be the case for QubesOS. What types of attacks would Xen be subject to if it isn’t network facing?
I’d like to repurpose it into formulating an FAQ entry, since the question comes up quite frequently. I am a bit too busy currently to spend time on coming up with a first draft, so if someone else wants to get the ball rolling … it would be appreciated.
I’ve somewhat reconsidered locking this thread, as it is useful in keeping these types of discussions contained in one place. At least people posting here are not generating new topics or spamming the mailing list/GitHub issue tickets. Once the GUI is pulled into its own hypervisor, then these discussions might be useful again.
Here is my (hopefully not too passive aggressive) version of the QA:
Q Have you considered switching dom0 to $fav_distro?
A Probably! However, the Qubes team lacks the resources to switch to another distro. We are currently focused on removing as much as possible from dom0 (i.e. GUI compositing), which will make switching more feasible from an engineering perspective.
Q But $fav_distro is AMAZING!
A It sounds amazing! We are happy to support concrete code or financial contributions.
Probably not, at least I don’t think that is the idea behind sys-gui, it should reduce the need to interact with dom0, making the OS choice even less of an issue.
dom0 matters: it has direct access to hardware and is where most of the trust in the system is placed. Hardware support, stability, packaging, reproducibility, and opsec of the upstream distro will definitely matter. It’s just that potential replacement distros will continue to evolve while we wait for Qubes to get to the point that it can consider switching.