Our great sponsors
-
Contents
Community documentation, code, links to third-party resources, ... See the issues and pull requests for pending content. Contributions are welcome !
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
> It is slow as molasses on hardware where even Windows 10 and Gnome are both fast...
I haven't had that problem. There's no GPU acceleration, so anything heavy on the GPU is a problem, but in terms of general use, I don't find it slower than Linux on the iron.
> and to make it usable you have to keep relaxing the security to the point where it is probably less secure than regular OS.
How so? What settings? I don't run with a USB Qube all the time for just my HID devices, but I light it up when I'm doing anything else on USB. I haven't had issues with having to turn down a bunch of security settings either.
> And don't even bother if you have to use scaling other than 100%, sure you can scale the DOM0 but the rest of the VMs are not scaled and there is no documentation on how to do it.
Yes there is. https://github.com/Qubes-Community/Contents/blob/master/docs...
> What we need are simple sandboxes that isolate GUI applications into chroot environment and keep them away from other applications and documents.
The history of local root exploits ("Cheap and easy!") would argue that doing such a thing and relying on the kernel is just security theater.
Please do not use firejail. See this issue page: https://gitlab.alpinelinux.org/alpine/aports/-/issues/12635
Bubblejail is an acceptable alternative https://github.com/igo95862/bubblejail
That is a somewhat controversial claim. See also this issue page: https://github.com/netblue30/firejail/issues/3046
Also, bubblejail ships all of 8 profiles; I'm skeptical of its claim to be a full replacement.