Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2024-10-01 01:25:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

updated links

Browse Source
This commit is contained in:
Hakisho Nukama 2015-03-02 23:53:25 +00:00
parent 358c615673
commit dc1b18c2d5
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
HvmCreate.md
View File

@ -233,7 +233,7 @@ Once the Windows VM boots, a CDROM should appear in the 'My Computer' menu (typi
Before proceeding with the installation we need to disable Windows mechanism that allows only signed drivers to be installed, because currently the drivers we provide as part of the Windows Support Tools are not digitally signed with a publicly recognizable certificate. How to do that is explained in the `README` file also located on the installation CDROM. In the future this step will not be necessary anymore, because we will sign our drivers with a publicly verifiable certificate. However, it should be noted that even now, the fact that those drivers are not digitally signed, this doesn't affect security of the Windows VM in 'any' way. This is because the actual installation ISO (the `qubes-windows-tools-*.iso` file) is distributed as a signed RPM package and its signature is verified by the `qubes-dom0-update` utility once it's being installed in Dom0. The only downside of those drivers not being signed is the inconvenience to the user that he or she must disable the signature enforcement policy before installing the tools, and also to accept a few scary looking warning windows during the installation process, as shown below. Before proceeding with the installation we need to disable Windows mechanism that allows only signed drivers to be installed, because currently the drivers we provide as part of the Windows Support Tools are not digitally signed with a publicly recognizable certificate. How to do that is explained in the `README` file also located on the installation CDROM. In the future this step will not be necessary anymore, because we will sign our drivers with a publicly verifiable certificate. However, it should be noted that even now, the fact that those drivers are not digitally signed, this doesn't affect security of the Windows VM in 'any' way. This is because the actual installation ISO (the `qubes-windows-tools-*.iso` file) is distributed as a signed RPM package and its signature is verified by the `qubes-dom0-update` utility once it's being installed in Dom0. The only downside of those drivers not being signed is the inconvenience to the user that he or she must disable the signature enforcement policy before installing the tools, and also to accept a few scary looking warning windows during the installation process, as shown below.
[![r2b1-win7-installing-qubes-tools-2.png](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-2.png)]((/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-2.png) [![r2b1-win7-installing-qubes-tools-2.png](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-2.png)](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-2.png)
[![r2b1-win7-installing-qubes-tools-4.png](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-4.png)](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-4.png) [![r2b1-win7-installing-qubes-tools-4.png](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-4.png)](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-4.png)
[![r2b1-win7-installing-qubes-tools-5.png](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-5.png)](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-5.png) [![r2b1-win7-installing-qubes-tools-5.png](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-5.png)](/attachment/wiki/HvmCreate/r2b1-win7-installing-qubes-tools-5.png)

2
QubesArchitecture.md
View File

@ -11,7 +11,7 @@ Qubes implements a Security by Isolation approach. To do this, Qubes utilizes vi
Qubes lets the user define many security domains, which are implemented as lightweight Virtual Machines (VMs), or “AppVMs.” For example, the user can have “personal,” “work,” “shopping,” “bank,” and “random” AppVMs and can use the applications within those VMs just as if they were executing on the local machine. At the same time, however, these applications are well isolated from each other. Qubes also supports secure copy-and-paste and file sharing between the AppVMs, of course. Qubes lets the user define many security domains, which are implemented as lightweight Virtual Machines (VMs), or “AppVMs.” For example, the user can have “personal,” “work,” “shopping,” “bank,” and “random” AppVMs and can use the applications within those VMs just as if they were executing on the local machine. At the same time, however, these applications are well isolated from each other. Qubes also supports secure copy-and-paste and file sharing between the AppVMs, of course.
[![qubes-arch-diagram-1.png](/attachment/wiki/QubesArchitecture/qubes-arch-diagram-1.png)](/attachments/wiki/QubesArchitecture/qubes-arch-diagram-1.png) [![qubes-arch-diagram-1.png](/attachment/wiki/QubesArchitecture/qubes-arch-diagram-1.png)](/attachment/wiki/QubesArchitecture/qubes-arch-diagram-1.png)
(Note: In the diagram above, "Storage domain" is actually a USB domain.) (Note: In the diagram above, "Storage domain" is actually a USB domain.)