Commit Graph

108 Commits

Author SHA1 Message Date
Andrew David Wong
bddcd0cad2
Replace absolute with relative paths for Qubes URLs 2018-02-03 14:51:06 -06:00
Andrew David Wong
61776ee35b
Merge branch 'patch-3' of https://github.com/awokd/qubes-doc into awokd-patch-3 2018-02-02 21:42:26 -06:00
awokd
1a6c777d8b
split-gpg update package utilities
yum -> dnf
apt-get -> apt
2018-02-02 13:40:40 +00:00
awokd
019b577b45
multifactor-authentication update fedora version
and yum -> dnf
2018-02-02 13:28:58 +00:00
awokd
922340303e
security-guidelines 4.0 update
yum -> dnf
Replace R3.x specific description of treatment of template's home directory with link to /doc/template
2018-02-01 14:59:45 +00:00
mossy-nw
2602af7bc1
Update split-gpg.md 2018-01-19 13:21:10 +00:00
Speedy Gonzales
58ef892234
made it a bit clearer 2018-01-12 13:59:28 +01:00
Christopher Laprise
d63cc59595
Remove -n from echo 2018-01-11 16:57:38 -05:00
Christopher Laprise
ca170fd8ee
Add policy parameter for R4.0 2018-01-10 14:39:38 -05:00
William Pierce
9408f8d2ee Consistently use the term "third-party" 2017-12-07 22:43:04 -06:00
Andrew David Wong
57ef6d7779
Update links to new FAQ (QubesOS/qubes-issues#2704) 2017-11-15 22:38:48 -06:00
Andrew David Wong
aa11899db7
Merge branch 'patch-39' of https://github.com/adrelanos/qubes-doc into adrelanos-patch-39 2017-11-14 20:41:13 -06:00
Andrew David Wong
7f36b07e45
Merge branch 'patch-36' of https://github.com/adrelanos/qubes-doc into adrelanos-patch-36 2017-11-14 20:37:50 -06:00
Patrick Schleizer
353c8e8416
more useful link for USB keyboard 2017-11-15 02:59:41 +01:00
Patrick Schleizer
6c76f98d45
more verbose instructions for Locking the screen when YubiKey is removed 2017-11-14 00:46:52 +01:00
Patrick Schleizer
4b2d611965
improve usage instructions 2017-11-14 00:39:28 +01:00
Andrew David Wong
0331740993
Merge branch 'split-bitcoin-wallet-fedora' of https://github.com/thomaskey/qubes-doc into thomaskey-split-bitcoin-wallet-fedora 2017-10-27 20:50:00 -05:00
Andrew David Wong
e67088f3bd
Revert "attacker emailing himself" sentence for clarity 2017-10-26 21:29:16 -05:00
Andrew David Wong
7af0784363
Merge branch 'patch-24' of https://github.com/stubbybubby/qubes-doc into stubbybubby-patch-24 2017-10-26 21:21:12 -05:00
Thomas Chiantia
5bdec5234b
Update split-bitcoin.md
Signed-off-by: thomas <thomas.chiantia@gmail.com>
2017-10-22 10:18:50 -04:00
thomas
2f73914e54 debian-8-backports electrum has bug, use fedora-25? 2017-10-19 16:01:35 -04:00
Robin Schneider
8ef2335394
Fix root shell PS1 in security/split-gpg
The first command invokes a `bash` shell with elevated rights. The `echo`
file redirection would not work as normal `user`.
2017-10-09 22:17:07 +02:00
Andrew David Wong
99fdbf29b4
Update examples from fedora-24 to fedora-25 2017-07-29 21:21:25 -05:00
Christopher Laprise
b27f90d74f
Fix auth for 'su' command 2017-07-12 15:07:13 -04:00
Dean V
f572f00826 Edit + Disagreement
Did some prosaic editing:
* Removed unnecessary parentheses
* Shortened long sentences
* Wording changes.
* Removed restatements of earlier sentences
Also, this document made the following error about cooperative covert leaking channels in Qubes OS:

> It is likely that the only way to **fully protect against leaks of type 1** and 2 is to either pause or shut down all other VMs while performing sensitive operations in the target VM(s) (such as key generation).

This is wrong. Closing the other VMs while performing such important activities does nothing to stop leaks in type 1, assuming you turn the other VMs back on at some point. The (presumably compromised) AppVM in question can easily write the information it needs to leak down until the other Qubes come back online. Inserted a new sentence clarifying this.
2017-05-17 19:54:15 -07:00
fortasse
8f8384c6e9 Fix redirect loop in /doc/firewall/ 2017-05-13 21:09:39 -04:00
Marek Marczykowski-Górecki
1e5bdb770a
Merge remote-tracking branch 'origin/pr/408' into https
* origin/pr/408:
  Update firewall.md
2017-05-06 23:38:03 +02:00
InstantGratimification
66b604ea5a Update firewall.md 2017-05-03 15:11:44 +00:00
InstantGratimification
b3dcea40a8 http -> https + blogspot -> https://blog.invisiblethings.org 2017-05-03 14:49:41 +00:00
InstantGratimification
053164de28 Update anti-evil-maid.md 2017-05-03 10:04:52 +00:00
stubbybubby
469ca0c5e2 Revert previous commit
That was weird. Iw as sure they were dead links.
2017-04-17 17:11:51 -07:00
stubbybubby
23726eb505 Remove dead links
Removed some dead links in the introduction.
2017-04-16 19:33:19 -07:00
stubbybubby
44f8c8eb7c Edit expose-like-effect part
Updated the paragraphs to reflect the current desktop environment of QubesOS.
2017-04-16 16:55:38 -07:00
stubbybubby
848ee837e8 Modified introduction
Removed the reference to the original older qubesos introduction and made the introduction of this article a standalone statement.
2017-04-16 15:20:21 -07:00
stubbybubby
7569cf3b95 Add disclaimer and clarifications about signatures
Wrote a paragraph or two about verifying the QubesOS ISO signature and wrote a disclaimer that Qubes does not automatically verify external downloads not coming from its own repositories.
2017-04-16 15:09:04 -07:00
stubbybubby
824618d805 Edit/Rewrite security-guidelines.md
A few content changes, read over them to see if you like them:
* A few sentences were reworded so that end users could understand them better, without sacrificing detail. 
* Sometimes more detail was added to give context to sentences or to make them more accurate.
* New sentences were added to help transitions in thought.
* New sentences were added to provide reasoning to earlier instructions so that the reader knew why they were important.

None of these content changes were particularly extensive or clashed with the original paper but they do change the meaning a bit, so I thought it important to document them.

Other changes:
* Subject-verb agreement
* Corrected some parentheses placements
* Misc. Grammar Fixes
* Inserted forgotten commas and periods
* Word variation
* Rework on some sentences that had really roundabout ways of saying things

In addition to my PR being a big edit, it is also on an important document. I have looked over my changes well and I know you will too. Reply if anything needs fixing/changing in the PR.

I have more changes that I want to add, but I figured I had edited the document enough already and if I added anythign else or made more extensive modifications it might be hard to tell what exactly I did.
2017-04-15 22:34:37 -07:00
ddcrjlalumiere
b8bac33169 Directly link to HCL 2017-03-21 15:54:32 -04:00
Andrew David Wong
8ab0a855bd
Reorganize security info pages 2017-03-18 19:31:12 -07:00
Michael Carbone
a8af17352c made more clear dom0 vs template commands
based on user error/feedback at training
2017-01-26 17:42:49 -05:00
Andrew David Wong
740b138532
AEM known issue: incompatible with SSD cache 2017-01-03 13:39:04 -08:00
Andrew David Wong
658e02cc50
Update Xen bug count in sudoers comment
Closes QubesOS/qubes-issues#2480
2016-12-04 16:30:33 -08:00
Andrew David Wong
3918733e29
Fix broken link 2016-11-30 20:22:05 -08:00
Andrew David Wong
8cd05ef837
Fix code block formatting
https://github.com/QubesOS/qubes-doc/pull/228#issuecomment-263232368
2016-11-28 02:35:21 -08:00
Andrew David Wong
5e107f5fa0
Merge branch 'patch-8' of https://github.com/tasket/qubes-doc into tasket-patch-8 2016-11-27 16:27:57 -08:00
tasket
76ecc09a9d Update vm-sudo.md
Specify service actions instead of globbing.
2016-11-26 21:38:48 -05:00
Andrew David Wong
fbcf95e21c
Move project security pages to separate directory 2016-11-26 02:12:28 -08:00
Andrew David Wong
ab10f7fb60
Update Fedora version number in examples 2016-11-23 15:38:09 -08:00
Andrew David Wong
b5aaccb4f3
Update qubes-secpack page
* Replace "QSP" with "qubes-secpack"
  (We should only have one official short name for it.)
* Note that the repo itself is independent of the host
  (currently GitHub)
* Minor text cleanup
2016-11-22 14:33:56 -08:00
Andrew David Wong
740aa6d4a4
Add QSB 27 2016-11-22 06:00:21 -08:00
tasket
5dd89f912d Additional step for Whonix
Per this discussion, https://forums.whonix.org/t/fixing-whonix-boot-issue-after-securing-qubes-root-auth/3155/8

Whonix executes sudo commands in non-root startup scripts which causes pop-up auth prompts to appear while Whonix VMs are starting. The problem is partly due to sudo parsing sudoers.d entries in alphabetical order, and some later configs cause earlier ones to get overridden. Adding the right permissions to a lexically 'last' filename resolves the issue.
2016-11-22 05:34:48 -05:00