I’ve been experimenting with sys-audio (successful), sys-gui (successful), sys-gui-gpu (unsuccessful) and sys-gui-vnc (unsuccessful), and I have to say, the qrexec protocol is very powerful and versatile.
Well done devs! You’ve built a solid piece of software
I’ve been thinking of other applications for qrexec:
Sharing (passthrough) of individual Bluetooth devices between a sys-bluetooth and VMs (instead of passing through the entire Bluetooth hardware)
sys-printers, allowing all VMs access to all the printers available to the machine, mitigating the potential risks of CUPS
A control panel to direct port forwarding to certain qubes
Just a brainstorm.
Are there any other things anyone’s had in their mind of what else could be done with qrexec?
I have qubes-print to allow any
qube to print from a Print Qube without CUPS. qubes-sync to allow qubes to
access a shared data store - two methods supported Split mail to
allow mail reading and writing to take place in an isolated, non
networked, qube.
split-ssh to allow storage of ssh keys in a vault-like store with
controlled access to different keyrings.
Some other custom abuses of qrexec which will, for reasons, never see
the light of day.
I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
I wish those things were a few clicks away in the GUI, so non-technical users could take advantage of them, too. (But I understand that Qubes developers have very little time to implement that.)
I love that split-mail story. It was one of the first after I registered here. It’s definitely on my to-do list.
Btw, I have external USB sound card, beside internal, non-USB one. Use them both, the first one for browsing, and the second one for multimedia.
