Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2024-12-27 08:19:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Change "[root] filesystem" to "system"; add "vault"

Browse Source
This commit is contained in:
Andrew David Wong 2019-01-15 23:18:30 -06:00
parent 8502aa7488
commit 447fc3d5bb
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
basics_user/getting-started.md
View File

@ -21,9 +21,9 @@ Not every app runs in its own qube.
(That would be a big waste of resources!) (That would be a big waste of resources!)
Instead, each qube represents a [security domain] (e.g., "work," "personal," and "banking"). Instead, each qube represents a [security domain] (e.g., "work," "personal," and "banking").
By default, all qubes are based on a single, common [template], although you can create more templates if you wish. By default, all qubes are based on a single, common [template], although you can create more templates if you wish.
When you create a new qube, you don't copy the whole root filesystem needed for this qube to work (which would include copying all the programs). When you create a new qube, you don't copy the whole system needed for this qube to work (which would include copying all the programs).
Instead, each qube *shares* the root filesystem with its respective template. Instead, each qube *shares* the system with its respective template.
A qube has read-only access to the filesystem of the template on which it's based, so a qube cannot modify a template in any way. A qube has read-only access to the system of the template on which it's based, so a qube cannot modify a template in any way.
This is important, as it means that if a qube is ever compromised, the template on which it's based (and any other qubes based on that template) will still be safe. This is important, as it means that if a qube is ever compromised, the template on which it's based (and any other qubes based on that template) will still be safe.
So, creating a large number of qubes is cheap: each one needs only as much disk space as is necessary to store its private files (e.g., the "home" folder). So, creating a large number of qubes is cheap: each one needs only as much disk space as is necessary to store its private files (e.g., the "home" folder).
@ -32,6 +32,7 @@ If you've installed Qubes OS using the default options, a few qubes have already
- work - work
- personal - personal
- untrusted - untrusted
- vault
Each qube, apart from having a distinct name, is also assigned a **label**, which is one of several predefined colors. Each qube, apart from having a distinct name, is also assigned a **label**, which is one of several predefined colors.
The trusted window manager uses these colors in order to draw colored borders around the windows of applications running in each qube. The trusted window manager uses these colors in order to draw colored borders around the windows of applications running in each qube.