You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some default system app qubes are needed for a functional SecureDrop Workstation (e.g. sys-net, sys-firewall, sys-usb) and even some templates (whonix-workstation-17). What these qubes also have in common is that we don't have a canonical way to refer to them. Therefore we don't have a way to refer to them all.
This leads to awkward situations where we need to explicitly list them #758.
My proposal is to keep track of these qubes with a tag like sd-workstation-required so that we can then make tests that don't need to call them out explicitly or even to have an updater knowing from the tag which qubes also need ensured updates.
How would this affect the SecureDrop Workstation threat model?
It shouldn't.
User Stories
As a developer, I'd like not to have to rely on manual lists of VMs in various parts of the code. The least qube name references, the better for maintainability and security (to avoid forgetting one).
The text was updated successfully, but these errors were encountered:
Description
Some default system app qubes are needed for a functional SecureDrop Workstation (e.g.
sys-net
,sys-firewall
,sys-usb
) and even some templates (whonix-workstation-17
). What these qubes also have in common is that we don't have a canonical way to refer to them. Therefore we don't have a way to refer to them all.This leads to awkward situations where we need to explicitly list them #758.
My proposal is to keep track of these qubes with a tag like
sd-workstation-required
so that we can then make tests that don't need to call them out explicitly or even to have an updater knowing from the tag which qubes also need ensured updates.How will this impact SecureDrop/SecureDrop Workstation users?
No impact. Tags are not user-facing.
How would this affect the SecureDrop Workstation threat model?
It shouldn't.
User Stories
As a developer, I'd like not to have to rely on manual lists of VMs in various parts of the code. The least qube name references, the better for maintainability and security (to avoid forgetting one).
The text was updated successfully, but these errors were encountered: