Isolation within the same domain

I know that. Please fully read my comment :smile:

I’m not sure if it’s possible to run apps that are inherited from the TemplateVMs, in DispVM. I mean inside the AppVMs. It’s possible to open files and stuff not inherited from the TemplateVM of course.

To open, say, Chromium in DispVM, I’ve to open it from the Disposable domain, e.g. fedora-dvm, not from the AppVM.
Inside the AppVM I’d still have Chromium running without sandboxing.

Running everything in DispVMs can nearly make your system “read only”.
Any change in your AppVM will only remain in this AppVM, and not affect TemplateVM, nor another AppVM based on the same TemplateVM.

I know. Let’s say this: any AppVM is just a traditional desktop Linux distro, which has no sandboxing at all. The Qubes issue is to support running a mac system. Otherwise, it’s a Linux issue.

You can take a look at https://cappsule.github.io/

This might be the solution for you.

Thank you!
But, unfortunately, the project is not maintained anymore.

Yeah, it’s a pity. However, grabbing its design ideas and modifying your own Qubes OS may be helpful.
This project seems to be closely connected with Qubes (virtualization, creating VMs on the fly, etc.).

I don’t see why e.g. SELinux shouldn’t work with Qubes OS. You might have to load or install some kernel modules though. Worst case you might have to build your own VM kernel.

So everything that the VM OS supports should be supported by Qubes OS as well. And IIRC Fedora e.g. ships SELinux by default.

Anyway the per-VM isolation still seems way stronger and preferable to me.
