Qubes VM Hardening


I saw this Github Repo and I was wondering if anyone had used this on 4.1.2 or had any feedback. I’m going to install and report back with anything I find.

I saw on a private forum someone had incron entries set up so that if anything attempted to write to /usr the a service in that qube would send a signal for the running qube to be frozen.

1 Like

Just installed. All good so far.

The dom0 sudo prompts are a big improvement to security. IMO

The service is up and running, but I still need to stress test.