On Wed, Feb 28, 2018 at 09:50:17AM -0800, Braden wrote: > On Wednesday, February 28, 2018 at 12:38:49 PM UTC-5, Unman wrote: > > On Wed, Feb 28, 2018 at 08:52:07AM -0800, Braden wrote: > > > Performing some modifications to dom0, but when I run apps like wget from > > > dom0 terminal I am unable to resolve addresses. Same if I were to try > > > running firefox from dom0. Know this is because of security benefits, but > > > how can I enable networking from there. Say I wanted to connect to dom0 > > > from a vnc temporarily. > > > > > There's almost never any need to do this. If you want to install > > packages you can use the update mechanism. Otherwise download files in a > > qube and then copy them in to dom0 and install them there. > > If dom0 is compromised then all your qubes are open. > > > > But you probably know this already. > > > > As things stand it's difficult, but not impossible to access dom0. You > > could open a channel to allow vnc to a qube and use socat and an rpc > > service to front to dom0. But really just dont do it: it subverts the > > whole point in using Qubes. > > Fair enough, suppose will copy the package to dom0 and then install my vnc > server there, but would the firewall refuse to allow connections just like > how firefox and wget refuse in dom0? >
By design dom0 has no networking. If you MUST break Qubes , and you cant use the admin features in 4.0 (see my last post),then you'll have to use some service to pass data in and out of dom0 WITHOUT networking. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180228175308.z6tkj4poeopfxmke%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
