Double Firewall?

Pawelek85 · July 29, 2024, 7:57am

As we know, Qubes trusts the Fedora distribution the most.
Dom0 has Fedora and templates use Fedora.
Taking the concept of “zero trust” and comparing Qubes to a ship - the hull is Fedora.
Dom0 and Fedora templates may have unidentified vulnerabilities that can be successively exploited from, say, fedora 40 to fedora 32 (backwards).

And here I have a question - is qubes protected against such a scenario, in which vulnerabilities found in fedora used by Dom0 and Fedora templates, are shared and actively exploited? Is Qubes considering the use of anonymity and privacy for Qubes hardware, such as hiding the identification of Fedora-based templates as Fedora in an internal environment with a possible transition to an external environment? Why doesn’t Qubes’ sys-firewall or sys-net use a distribution of, for example, OpenBSD and at the same time have active IDS and IPS systems?

unman · July 29, 2024, 1:21pm

It’s very difficult to hide such identifications. I am much in favor of
mixing distributions and OS, but it comes at a price for simple usage.
It is possible to run sys-net on OpenBSD, but it’s not straightforward
in terms of configuration. (This has been discussed here before.) And
again, users who find it difficult to transition to Linux would find it
more so if faced with Linux and *BSD.

I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.

qubist · July 31, 2024, 6:29pm

Dom0 and Fedora templates may have unidentified vulnerabilities that can be successively exploited from, say, fedora 40 to fedora 32 (backwards).

And here I have a question - is qubes protected against such a scenario, in which vulnerabilities found in fedora used by Dom0 and Fedora templates, are shared and actively exploited?

If it was, it would be mentioned somewhere, so I assume the answer is no.