change Qubes network policy, UpdatesProxy to network disabled by default for better leak-proofness

Don’t know if it was this what you wanted, because it seems this issue could be separated in two:

1 - updates proxy network policy
2 - netvm policy for anon-vm


1 Like

Tthis ticket isn’t a small bug in qubes-core-admin. It’s about a suggestion to change the global Qubes defaults. The Qubes default should be that all VMs (non-Whonix and Whonix) are non-networked by default. That is to avoid that any VM accidentally gets network access. The user wouldn’t notice any defaults since the default setup scripts would still allow the standard Qubes created VMs to have network by default. However, internally a safer non-networked default would make Qubes-Whonix more leak-proof.

Non-Qubes-Whonix is unaffected.


Sorry but really couldn’t understand that point from reading the issue on github.

An another note, I will redact that comment and put it in another issue.

1 Like

When None is mentioned, it refer to the value None, as in not networked.
When none is mentioned, it is the normal English word. Or possibly I forgot to capitalize the N when I wanted to refer to non-networked.

qubes netvm policy to be non-networked by default is the summary?

So it would be the equivalent of:

qubes-prefs default_netvm ''

But being set as default for new installations.
And qubes created by default should have netvm set to sys-firewall by default or None?

1 Like


Let’s see…

Do you understand it now better?

Is something missing in the middle?

1 Like

My understanding of https://github.com/QubesOS/qubes-issues/issues/7614#issuecomment-1183584016

Set default_netvm to None by default.
QubesOS default installation qubes should not be connected to ther internet by default, manual configuration to set the netvm for all qubes.
Of course anyone can change the qubes-prefs default_netvm later.

Is that it?

Avoid a default netvm, set it to None by default, this avoids qubes getting a network on creation.

Make users explictly set the netvm everytime, unless of course it was preferred otherwise in qubes-prefs.

1 Like

Yes. Would be good to use capitalized and code tags.



Yes. However, should be added:

For some VMs, the such as perhaps the untrusted VM supposed to be used for untrusted web browsing (according to screenshot) would then be set to sys-firewall by higher level tools (preconfiguration tool Qubes salt).


[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]