hmm.. this is also a good point, thanks! so if i do not use openoffice in my bankingVM, there is no practical vulnerability in it.
Am 14.03.2017 um 15:11 schrieb Vít Šesták: > How much is a threat installed software you don't use? > > * If the package install script is malicious, it is a threat. > * However, if you are concerned just about vulnerabilities, they are often > not applicable if you don't use the software. > > So, it depends on your threat model. > > Regards, > Vít Šesták 'v6ak' > > On Tuesday, March 14, 2017 at 9:23:25 AM UTC+1, evo wrote: >> Hi! >> >> i consider about the VM-strategy for the personal and other areas. >> till now i have just AppVms for this purpose. >> >> But isn't it better to have just standalone VMs, because of the >> installed software on each VM? >> >> For example i need openoffice on work-VM, but i don't need it on banking >> or personal or whatever VM. Thunderbird i just need on my e-mailVM. If I >> install everything on the template all software will be on every >> AppVM.... so it's less secure. >> >> How do you think about it? > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e2cdb8be-56fa-8fad-86f6-c65e7538c4ec%40aliaks.de. For more options, visit https://groups.google.com/d/optout.
