Hi everybody!
As we all know, TemplateVMs are isolated from the Internet. But any traffic can pass via proxy at localhost:8082, right?. So what prevents any malicious code from using the proxy to surf the web as it pleases?
Hi everybody!
As we all know, TemplateVMs are isolated from the Internet. But any traffic can pass via proxy at localhost:8082, right?. So what prevents any malicious code from using the proxy to surf the web as it pleases?
It’s not a protection against malicious software accessing the network in the template, but against a user error:
Thanks for the quick reply!
But what user errors are we talking if not installing something evil?
For example, clicking on the link somewhere in the template that will run the browser in the template and open this link.
Why is it bad?
Maybe there is some vulnerability in the browser and it’ll be exploited when you access any website and it’ll compromise your template and all the qubes based on it.
Ok, I start to see the logic. Just to verify my understanding: this exploit will have to grab root access to affect other qubes, right?
Yes, but by default in the standard templates there is no password for the root user:
Yes, now it totally makes sense
Thank you!
That is why I avoid as much as possible to execute anything in a template, because a malicious code in such an app can theoretically but trivially export a 8082 proxy on a localhost and then the game is over for that template and all the qubes based on it.