Starting from Whonix 17.3.0.5 and above…
Basic information:
- user-sysmaint-split: A package by Kicksecure that improves isolation between users (and root).
Whonix-Workstation:
- user-sysmaint-split: Yes. Will be installed by default in new images.
Whonix-Gateway:
- user-sysmaint-split: No, will not be installed by default.
- Will remain in Unrestricted Admin Mode.
This is because according to the threat model and usage instructions, the user should not use Whonix-Gateway for anything else besides running, configuring Tor. End-user applications such as browser should be run inside Whonix-Workstation. Therefore according to our current understanding, user-sysmaint-split would have no security benefit for Whonix-Gateway. Therefore, Whonix-Gateway will remain sudo passwordless by default for better usability. Whonix-Workstation will come with user-sysmaint-split installed by default.
During the Whonix 17 release cycle, will not be automatically installed for existing users to avoid breaking existing user workflows.
in Whonix 18 and during the Whonix 17 to 18 release upgrade, it will get installed by default.
Opt-outs, custom configurations (Unrestricted Admin Mode) will always remain supported.