This is a popular one. Every now and then there is another post asking for the posters favorite distribution to become dom0. Other frequently complain about the age of Fedora in dom0. The answers to all of this is covered in the FAQ of course:
Current news strongly suggests to me that I actually WANT the distribution in dom0 to be EOL, in which case it would ONLY receive XEN and Qubes OS related updates authored or at least reviewed by the Qubes OS team.
Even better, once the hardware handling has completely moved into dedicated domU (sys-net, sys-usb, sys-audio, sys-gui) I really want dom0 to be an extremely minimal distribution maintained, reviewed and audited in it’s entirety by the Qubes OS team. I have no idea if this is feasible technically and from a resource perspective.
In any case, the questions for this thread are:
- What are the implications of rogue authors OUTSIDE of the Qubes OS team to dom0 in particular?
- What are possible counter measures with a REALISTIC/TOLERABLE impact on the core teams work load?
If you choose to post to this thread please take the time to properly reason your opinion and link to sources for your statements. This forum is recently flooded by people claiming all sorts of things without any evidence or even basic understanding of how Qubes OS works. We can do without that here. Thank you!