Difference between a Dedicated and Non-dedicated DisposableVM Template

That was my first thought too. However, I think maybe what the author of that doc meant is that it’s okay to run apps in a dedicated DVM, but only to the extent that is necessary for customizing it, not for day-to-day usage. That is to say, DVM templates should be thought of like regular TemplateVMs, in that they should have networking disabled, and you shouldn’t run any apps in them unless you have to, but sometimes you have to. (Remember, running apt, or gnome-terminal, or even ls, in a TemplateVM is still technically running something in a TemplateVM, so there can be no hard-and-fast rule against running anything in a TemplateVM.)

Think of it this way. Suppose you ran Firefox in an instance of fedora-30-dvm, say disp1234, made your customizations there, and then copied /rw from disp1234 into a new DVM template, say, fedora-30-custom-dvm. In this case, you’ve strictly adhered to the rules, but what have you actually accomplished? If Firefox turned out to be exploited or malicious, then what have you done to prevent it from infecting ~/.bashrc, or side-loading a malicious browser extension in ~/.mozilla/profile.default/extensions/, or whatever, now that you’ve copied those malicious changes back to a permanent (so-called “dedicated”) DVM template? You might as well have just created fedora-30-custom-dvm and done your customizations directly in there, even though that technically violates the rule against running software in dedicated templates.

  1. What do you mean “typically”? Is there ever a case, in Qubes 4.0, where a DisposableVM Template can have anything other than “AppVM” under its “Type” field in the VM settings dialog? (A running DispVM, such as disp1234, has its type listed as “DispVM”, but that’s not a “DisposableVM Template” then.)

  2. Is it not also true that Dedicated DisposableVM Templates are AppVMs on which DisposableVMs are based? If so, then why is this stated specifically under the Non-Dedicated DisposableVM Templates section? Wouldn’t it be more correct to just say “DisposableVM Templates are AppVMs on which DisposableVMs are based”?

Yes, just like how “literally” now means “figuratively” in modern vernacular. Doesn’t mean it’s not still frustrating :stuck_out_tongue:

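The post above argues that copying /rw from a used DispVM back into a dedicated DVM template also copies whatever an exploited app left behind. As an added example (not from the original post or the Qubes project), here is a small POSIX shell audit that diffs two /rw-style trees and flags changes in the persistence locations the post names (~/.bashrc, browser extension directories); the directory layout and file contents are constructed sample data.

```shell
#!/bin/sh
# Assumed: $1 and $2 are directory trees standing in for the /rw of a
# pristine DVM template and of the customised DispVM (constructed here).
set -eu

# Print "new <path>" or "changed <path>" for every file in $2 that is
# absent from, or differs from, the same relative path in $1.
rw_diff() {
  base=$1; new=$2
  ( cd "$new" && find . -type f ) | sed 's|^\./||' | while IFS= read -r f; do
    if [ ! -f "$base/$f" ]; then
      printf 'new     %s\n' "$f"
    elif ! cmp -s "$base/$f" "$new/$f"; then
      printf 'changed %s\n' "$f"
    fi
  done
}

# Keep only diff lines that touch places a compromised app could use to
# persist across a template copy (shell rc files, autostart, extensions).
rw_flag() {
  grep -E '(^|/)(\.bashrc|\.profile|\.bash_profile|\.config/autostart/|\.mozilla/.*/extensions/)' || true
}

# Build constructed sample trees in a temp dir and print its path:
# the "new" tree has an altered .bashrc, an added extension file, and
# one harmless config change that should not be flagged.
make_sample() {
  d=$(mktemp -d)
  mkdir -p "$d/base/home/user" "$d/new/home/user/.config" \
           "$d/new/home/user/.mozilla/firefox/abc.default/extensions"
  printf 'export EDITOR=vim\n' > "$d/base/home/user/.bashrc"
  cp "$d/base/home/user/.bashrc" "$d/new/home/user/.bashrc"
  printf '# unexpected appended line\n' >> "$d/new/home/user/.bashrc"
  printf 'sample\n' > "$d/new/home/user/.mozilla/firefox/abc.default/extensions/unknown.xpi"
  printf 'font-size=10\n' > "$d/new/home/user/.config/gtk.ini"
  echo "$d"
}

if [ "${1:-}" = "--demo" ]; then
  sample=$(make_sample)
  echo "All changes:";     rw_diff "$sample/base" "$sample/new"
  echo "Flagged changes:"; rw_diff "$sample/base" "$sample/new" | rw_flag
fi
```

Run with `--demo` to see the constructed case; against real trees, review every flagged path before deciding whether the copy is safe to promote into a template.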