Information
ID: 191
PHID: PHID-TASK-7b2xayydowr5cmfngynn
Author: WhonixQubes
Status at Migration Time: wontfix
Priority at Migration Time: Normal
Description
If we would like to have dev/test code or scripts for the qubes-whonix package, then I would like to establish a policy of isolating them out into an independent package that is not installed by default, but can be optionally installed by users on-demand.
This is for achieving more simple, efficient, clearer security audits of the qubes-whonix package codebase and removing attack surface for 1st and 3rd party apps.
Additional discussion on this in these forum posts…
So, if we would like to include such dev/test code and scripts, I propose we establish a qubes-whonix-tests package for them.
Alternatively, we could just have a policy of leaving them out entirely for qubes-whonix, but I do see their positive uses in software and am not philosophically opposed. Just looking for default isolation of such non-production code/scripts.
Right now, @nrgaway is writing the majority of code for the qubes-whonix package, so if he would like to simply leave them all out for simplicity of not dealing with an additional qubes-whonix-tests package, then I would be okay with that.
Similarly, this isolated “-tests” package principle could be considered for other Whonix packages, but I will let @Patrick and others decide upon these other Whonix packages at this time.
#qubes
Comments
WhonixQubes
2015-02-28 07:39:13 UTC