I’ve implemented the Mirage OS firewall myself, with plans to reattempt the OpenBSD netvm.
My question is: are these two implementations confidently believed to be as secure as, or more secure than, the standard Fedora/Debian netvm/firewall?
I understand that Mirage offers a significantly reduced attack surface, both in its code and in the diversity of environments the attacker would have to exploit to get in, which is also the case for OpenBSD.
What I don’t understand is whether vulnerabilities are introduced in the process of making them work for Qubes, or whether it is simple enough that whatever security value they have independently of Qubes is what is found when they are implemented in Qubes, with no or limited potential for Qubes-specific introduction of vulnerabilities.
IN SHORT: What is the community’s understanding of their comparative security value relative to the default options?
Regarding your question, I think that the totally different code base, together with the memory safety of the OCaml runtime, helps with security/exploitation. The Qubes-specific part for Mirage is really limited and seems safe so far; the Xen part is much larger.