/qubes-issues

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

UpdateVM system defaults should only list NetVMs and ProxyVMs #1831

Closed
mfc opened this Issue Mar 15, 2016 · 8 comments

Comments

Assignees
No one assigned
Labels
Projects
Minor Enhancements in Qubes Manager GUI & UX
Milestone
  Release 4.1
6 participants
@mfc @marmarek @adrelanos @bnvk @andrewdavidwong @qubesos-bot
@mfc
Member

mfc commented Mar 15, 2016

Currently in Qubes VM Manager > System > System defaults > UpdateVM, it lists all VMs as possibilities for UpdateVM. It should only list netvms and proxyvms. Probably the same should be done for ClockVM.
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 15, 2016

Member

Why? It is perfectly fine to have any AppVM set there. For example a VM behind Tor, or VPN, to be sure that yumdownloader/ntpdate will not see real IP.
Member

marmarek commented Mar 15, 2016

Why? It is perfectly fine to have any AppVM set there. For example a VM behind Tor, or VPN, to be sure that yumdownloader/ntpdate will not see real IP.
@mfc

This comment has been minimized.

Show comment
Hide comment
@mfc

mfc Mar 15, 2016

Member

For example a VM behind Tor, or VPN, to be sure that yumdownloader/ntpdate will not see real IP.

those VMs are ProxyVMs, no?
Member

mfc commented Mar 15, 2016

For example a VM behind Tor, or VPN, to be sure that yumdownloader/ntpdate will not see real IP.

those VMs are ProxyVMs, no?
@mfc

This comment has been minimized.

Show comment
Hide comment
@mfc

mfc Mar 15, 2016

Member

Why?

I can't think of a single use-case where a user should be putting their network traffic through a "qube" (AppVM) or a template, rather than a ProxyVM.
Member

mfc commented Mar 15, 2016

Why?

I can't think of a single use-case where a user should be putting their network traffic through a "qube" (AppVM) or a template, rather than a ProxyVM.
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 15, 2016

Member

those VMs are ProxyVMs, no?

But those ProxyVMs itself see the real IP. Only VMs behind are are really isolated. I think Whonix gateway is some exception here - it also torify traffic originating directly from it.

(I agree templates are useless on that list)
Member

marmarek commented Mar 15, 2016

those VMs are ProxyVMs, no?

But those ProxyVMs itself see the real IP. Only VMs behind are are really isolated. I think Whonix gateway is some exception here - it also torify traffic originating directly from it.

(I agree templates are useless on that list)

@marmarek marmarek added C: qubes-manager UX help wanted labels Mar 18, 2016

@marmarek marmarek added this to the Release 4.0 milestone Mar 18, 2016

@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Mar 18, 2016

Member

Marek Marczykowski-Górecki:

I think Whonix gateway is some exception here - it also torify traffic originating directly from it.

Yes.
Member

adrelanos commented Mar 18, 2016

Marek Marczykowski-Górecki:

I think Whonix gateway is some exception here - it also torify traffic originating directly from it.

Yes.
@bnvk

This comment has been minimized.

Show comment
Hide comment
@bnvk

bnvk Mar 22, 2016

But those ProxyVMs itself see the real IP. Only VMs behind are are really isolated. I think Whonix gateway is some exception here - it also torify traffic originating directly from it.

So, then perhaps the solution I think @mfc is after (making this selection process more simple + safe for users) is to only show AppVMs, or Whonix gateway so as to not allow users to accidentally leak their real IP

bnvk commented Mar 22, 2016

But those ProxyVMs itself see the real IP. Only VMs behind are are really isolated. I think Whonix gateway is some exception here - it also torify traffic originating directly from it.

So, then perhaps the solution I think @mfc is after (making this selection process more simple + safe for users) is to only show AppVMs, or Whonix gateway so as to not allow users to accidentally leak their real IP
@andrewdavidwong

@bnvk bnvk referenced this issue Mar 23, 2016

Closed

Implement a more intuitive Qubes Manager #1870

1 of 12 tasks complete

andrewdavidwong added a commit that referenced this issue Jun 7, 2016

@andrewdavidwong
Track #1831
Verified
This commit was signed with a verified signature.
@andrewdavidwong andrewdavidwong Andrew David Wong
GPG key ID: DB4DD3BC39503030 Learn about signing commits
5a0da97

@andrewdavidwong andrewdavidwong added the enhancement label Mar 31, 2018

@andrewdavidwong andrewdavidwong modified the milestones: Release 4.0, Release 4.1 Mar 31, 2018

@marmarta marmarta referenced this issue in QubesOS/qubes-manager Jul 12, 2018

Merged

Remove templates from listing in UpdateVM and ClockVm in Global Settings #105

marmarta added a commit to marmarta/qubes-manager that referenced this issue Jul 12, 2018

@marmarta
Offset context menu in Manager to avoid accidental clicks 
Small fix to Qubes Manager to open the context menu slightly to the
right of the mouse to avoid accidental clicks. Originally created by
@unman , ported to 3.2 branch.

references QubesOS/qubes-issues#1831
Verified
This commit was signed with a verified signature.
@marmarta marmarta Marta Marczykowska-Górecka
GPG key ID: 9A752C30B26FD04B Learn about signing commits
7d477ae

@marmarek marmarek closed this in marmarek/qubes-manager@efa2b2d Jul 12, 2018

@qubesos-bot

This comment has been minimized.

Show comment
Hide comment
@qubesos-bot

qubesos-bot Jul 18, 2018

Automated announcement from builder-github

The package qubes-manager-4.0.19-1.fc25 has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

qubesos-bot commented Jul 18, 2018

Automated announcement from builder-github

The package qubes-manager-4.0.19-1.fc25 has been pushed to the r4.0 testing repository for dom0.
To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

@qubesos-bot qubesos-bot added the r4.0-dom0-cur-test label Jul 18, 2018

@qubesos-bot qubesos-bot referenced this issue in QubesOS/updates-status Jul 18, 2018

Open

manager v4.0.19 (r4.0) #600

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment