Hey,
I would like to automate template and app qube (re)installations by using shell-scripts.
My first question:
Is dom0
the appropriate place for storing the script files?
I am asking, as docs warn about copying any files to dom0:
Copying anything into dom0 is not advised, since doing so can compromise the security of your Qubes system.
Some existent, lengthy scripts would need to be copied over to dom0
.
Second question:
Does the docs’ quote implicate a warning about possible text encoding exploits, when passiong IO to dom0
? Or does qrexec auto-sanitize characters, so there is no worry.
Is there anythong other to concern? The script content is safe (to best of my knowledge), as written by myself.