On Thursday, 6 August 2020 22:24:38 UTC+8, 54th Parallel wrote: > > > There might be potential attacks against the hypervisor or > daemons/backends in dom0 that require root access. Qubes founder Joanna > Rutkowska initially assessed there was limited benefit from isolating the > root account from the user account, because all user data is already > accessible from the latter > <https://www.qubes-os.org/doc/vm-sudo/#passwordless-root-access-in-VMs> > [archive] > <https://web.archive.org/web/https://www.qubes-os.org/doc/vm-sudo/#passwordless-root-access-in-VMs>. > > However, she later changed her opinion on the matter; see here > <https://github.com/QubesOS/qubes-issues/issues/2695#issuecomment-301316132> > [archive] > <https://web.archive.org/web/https://github.com/QubesOS/qubes-issues/issues/2695#issuecomment-301316132> > . > > Upon reading that more carefully, I realized that it's explicitly about dom0, but I think the general concept applies to other VMs as well.
-- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/88dd8065-2729-421f-81e0-0fac66ac5f73o%40googlegroups.com.