ANN: Qubes shared folders now using much more secure `qfsd`

The latest version 0.3.0 of Qubes shared folders is now public, featuring a number of important changes.

Much simplified installation

In addition to the installation method by packages available prior, the new installation from source is a shell script that can be run directly to build the necessary packages.

Soon, there will be a repository users will be able to enable so that installation is even easier.

Much more secure file server

The old C-based diod file server in charge of serving files to client qubes has been retired. In its place, an extremely simple, brand new file server written in Rust is now distributed with the Qubes shared folders source.

This file server offers comparable performance to diod, but it reduces the code base enormously, and it also uses safe Rust to prevent memory errors, such that client qubes have a much harder time causing undefined behavior in the backend qube. Of particular interest is the use of serialization and deserialization routines based on a formal protocol specification — this absolutely avoids any hand-rolled code and the bugs such code typically carries.

Thanks for your feedback!

If you use this project, leave a note in the comments and tell me what you’d like to see next!