Does disabling “Provides network” in a disposable template affect the networking security of a DispVM?
The answer seems obvious but I just want to be sure there are no unintended consequences.
1 Like
None of my templates have “Provides network” enabled and it was default setting. Why yours had enabled? Maybe you meant vice versa - enabling of “Provides network”?
1 Like
It make no sense to set Provides network in template. It hardly even run except for updates and app installing. And when app-vm is running out of template it have it’s own settings and this settings is not copied from template.
So why set this option in template ever?
2 Likes
Yeah, if you haven’t read Qubes documents, you should. Templates shouldn’t have any direct network connection. On the contrary, they always are offline and when they need to be updated sys-whonix (or what’s is set as update proxy) takes care of everything related to internet connection intended for templates and this way templates get their update or app packages (if you’re installing something in them). So in simple words, template don’t provide network connection. It’s vice versa - network connection is provided to them through other proxies.
1 Like
@Qubie, both you and @KitsuneNoBaka have missed the point - @aaaaaaa is
talking about disposable templates, not standard templates. Here,
it may make sense to set provides_network if the intention is to
have every disposable created from that template providing network.
An example could be where the disposable template is configured as a VPN
or Tor proxy; then every disposable created from that disposable
template could be used as such a proxy.
@aaaaaaa - to your original question. Disabling “Provides network” in a
disposable template does not affect the networking security of
disposables based on it.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
2 Likes