Qubes is such a great OS, I am learning about it at the moment.
One question I have is whether it is possible for a new VM to get read access to old storage data after a previous VM is deleted. For example, I create a new VM and download some large files. Then I will remove this VM and create a new fresh VM. What if this fresh VM has its disk space allocated from the old VM’s contents?
I hope it’s not possible. Can someone tell me how Qubes is stopping this from happening? Thanks.
3 Likes
I believe I asked myself the same question when I started…
At least for the default “lvm thin” block devices, there is a -Z option which guarantees that all blocks are zeroed before allocation.
There is a closed bug/issue where removal of this zero function was proposed, for improved performance. The idea was strongly rejected.
I am sure that any other storage method will have the same function - it is indispensable for a system like Qubes.
edit: it was not exactly proposed - see reply below.
2 Likes
The issue is here: https://github.com/QubesOS/qubes-issues/issues/5402
I see that I remembered incorrectly. The reporter had disabled the zero function, and did not expect to see dirty blocks when doing a copy from a sparse file.
I did remember correctly the response…
3 Likes
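One way to check the zeroing setting discussed in this thread, as an added example that is not part of any post: LVM reports it as a `z` in character 8 of the `lv_attr` field, and the function below lists thin pools where it is missing. The function name and the sample `lvs` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list LVM thin pools whose zeroing flag is off.
# Expected input: output of
#   lvs --noheadings -o vg_name,lv_name,lv_attr
# In lv_attr, character 1 is the volume type ('t' = thin pool) and
# character 8 is 'z' when newly allocated blocks are zeroed before use.

# Reads lvs output on stdin. Prints "vg/lv" for every thin pool that
# lacks the zero flag and returns 1 if at least one was found.
unzeroed_thin_pools() {
    awk '
        substr($3, 1, 1) == "t" && substr($3, 8, 1) != "z" {
            print $1 "/" $2
            bad = 1
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample output (not captured from a real system).
# Thin volumes (type "V") are ignored; only pools are checked.
sample_lvs() {
    cat <<'EOF'
  qubes_dom0 pool00          twi-aotz--
  qubes_dom0 root            Vwi-aotz--
  qubes_dom0 vm-work-private Vwi-a-tz--
  testvg     scratchpool     twi-aot---
EOF
}

# Demo on the constructed sample; on a live system, run in dom0 as root:
#   lvs --noheadings -o vg_name,lv_name,lv_attr | unzeroed_thin_pools
sample_lvs | unzeroed_thin_pools || echo "zeroing is disabled on the pools listed above"
```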