Tomster/QubesOS-Scripts
1
0
Fork 0
mirror of https://github.com/tommytran732/QubesOS-Scripts synced 2025-02-08 13:11:34 -05:00
Code

Update Quality of Life.md

Browse Source 
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2025-02-02 03:31:59 -07:00 committed by GitHub
parent c0d738b15b
commit 23e0fedf32
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Quality of Life.md
View File

@ -47,6 +47,14 @@ ctap.GetInfo * microsoft-edge sys-usb allow
ctap.ClientPin * microsoft-edge sys-usb allow
```
### Split GPG
The GUI configurator is very broken so I don't use it. Instead, I write my own policy at `/etc/qubes/policy.d/50-gpg.policy`
```
qubes.Gpg * thunderbird vault allow
```
Note that I just use allow here, because the vault VM on a new Fedora 41 already prompts for confirmation, so I don't wanna have to answer yet another prompt from dom0.
### Trivial data exfiltration prevention
One trivial way for malicious applications to exfiltrate data from an offline VM is to open a link in a disposable VM with a payload. To prevent this, open the VM settings, go to advanced and set the default disposable template to none.