Read only qube

Hello. I’m working on organizing my secure qubes into two types:

  1. Read-only, called secure-view & and will be used as an AppVM

  2. Write access restricted to one file (qvm-open-in-vm on a file), called secure-edit & will be used as a disposableVM

Both have no network access. How would I go about configuring secure-view to strictly allow only stdin but little to no stdout through qrexec? My reasoning behind this is that I’d like to have a dedicated vm with GPU passthrough so I can view graphics intensive media and play offline video games that require graphics acceleration safely. Is this possible, and if so, am I my missing something critical that would render this setup less secure than OS level measures such as AppArmor and SELinux?

1 Like