mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2024-12-25 07:19:33 -05:00
Add note on policies to glossary
This commit is contained in:
parent
1d540888fe
commit
df40f5eacf
@ -128,10 +128,22 @@ example, it is common for the net qube of an [app qube](#app-qube) to be the
|
|||||||
[service qube](#service-qube) `sys-firewall`, which in turn uses `sys-net` as
|
[service qube](#service-qube) `sys-firewall`, which in turn uses `sys-net` as
|
||||||
its net qube.
|
its net qube.
|
||||||
|
|
||||||
|
* If a qube does not have a net qube (i.e., its `netvm` is set to `None`), then
|
||||||
|
that qube is offline. It is disconnected from all networking.
|
||||||
|
|
||||||
* The name `netvm` derives from "Networking Virtual Machine." Before Qubes 4.0,
|
* The name `netvm` derives from "Networking Virtual Machine." Before Qubes 4.0,
|
||||||
there was a type of [service qube](#service-qube) called a "NetVM." The name
|
there was a type of [service qube](#service-qube) called a "NetVM." The name
|
||||||
of the `netvm` property is a holdover from that era.
|
of the `netvm` property is a holdover from that era.
|
||||||
|
|
||||||
|
## policies
|
||||||
|
|
||||||
|
In Qubes OS, "policies" govern interactions between qubes, powered by [Qubes' qrexec system](https://www.qubes-os.org/doc/qrexec/).
|
||||||
|
A single policy is a rule applied to a qube or set of qubes, that governs how and when information or assets may be shared with other qubes.
|
||||||
|
An example is the rules governing how files can be copied between qubes.
|
||||||
|
Policy rules are grouped together in files under `/etc/qubes/policy.d`
|
||||||
|
Policies are an important part of what makes Qubes OS special.
|
||||||
|
|
||||||
|
|
||||||
## qube
|
## qube
|
||||||
|
|
||||||
A secure compartment in Qubes OS. Currently, qubes are implemented as Xen
|
A secure compartment in Qubes OS. Currently, qubes are implemented as Xen
|
||||||
@ -145,8 +157,7 @@ still be called "qubes."
|
|||||||
|
|
||||||
* Note that starting a sentence with the plural of "qube" (i.e., "Qubes...")
|
* Note that starting a sentence with the plural of "qube" (i.e., "Qubes...")
|
||||||
can be ambiguous, since it may not be clear whether the referent is a
|
can be ambiguous, since it may not be clear whether the referent is a
|
||||||
plurality of qubes or [Qubes OS](#qubes-os). You may wish to rephrase
|
plurality of qubes or [Qubes OS](#qubes-os).
|
||||||
sentences in order to avoid this ambiguity.
|
|
||||||
|
|
||||||
* Example usage: "In Qubes OS, you do your banking in your 'banking' qube and
|
* Example usage: "In Qubes OS, you do your banking in your 'banking' qube and
|
||||||
your web surfing in your 'untrusted' qube. That way, if your 'untrusted' qube
|
your web surfing in your 'untrusted' qube. That way, if your 'untrusted' qube
|
||||||
@ -210,5 +221,5 @@ See [Templates](/doc/templates/).
|
|||||||
|
|
||||||
## VM
|
## VM
|
||||||
|
|
||||||
An abbreviation for "virtual machine." A software implementation of a machine
|
An abbreviation for "virtual machine." A software implementation of a computer
|
||||||
(for example, a computer) that executes programs like a physical machine.
|
that provides the functionality of a physical machine.
|
||||||
|
Loading…
Reference in New Issue
Block a user