zlacker

[return to "Qubes OS: A reasonably secure operating system"]
1. Jeaye+E4[view] [source] 2017-11-19 17:12:33
>>ploggi+(OP)
What I'd really love to see is a marriage between NixOS and Qubes, allowing for full-system declarative configuration, including the various systems which will be running under Qubes.

NixOS has containers that show how this could work, but they're only via systemd-nspawn, so not as jailed as Qube's domUs.

◧◩
2. hyperf+ed[view] [source] 2017-11-19 18:51:41
>>Jeaye+E4
What a coincidence. I've actually been trying to sketch out how to do this in the past few days.

I've also been looking at how projects like Hypercontainer and Clear Containers achieve minimal VM overhead to expand the model to a per-application-instance VM.

Another interesting enabling technology is VirtFS, which can be used for filesystem-level storage virtualization to gain the many benefits of COW and shared caching.

The principal question then is how to allow interaction between different application instances without the user having to manually ferry files between them, as it currently happens with AppVMs on Qubes.

[go to top]