aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--virtual.mdwn74
-rw-r--r--virtual/screenshot.pngbin0 -> 74886 bytes
2 files changed, 67 insertions, 7 deletions
diff --git a/virtual.mdwn b/virtual.mdwn
index d157930..70055e8 100644
--- a/virtual.mdwn
+++ b/virtual.mdwn
@@ -1,10 +1,70 @@
-Simple people's Qubes
-=====================
+[[!meta title="Virtualized GUI environments"]]
-Desktop
--------
+Can't or don't want to use [Qubes OS](https://www.qubes-os.org/)? Here comes a straightforward sollution
+that, while not offering the same level of security, is practical enough to be implemented in the confort
+of your current FOSS OS!
- apt-get install lightdm ratpoison
+A picture
+---------
-* [plymouth - Debian Wiki](https://wiki.debian.org/plymouth)
-* Additional package: [virtualbox-guest-x11](https://packages.debian.org/stable/virtualbox-guest-x11).
+Could you spot the difference between the Tor Browser running in the host for the one inside the virtual machine? That's what we want to achieve!
+
+![Screenshot](screenshot.png)
+
+First things first
+------------------
+
+What you can do:
+
+1. Create a virtual machine image of the operating system of your choice like [this example](https://padrao.sarava.org/boxes/).
+2. Setup basic X11 environment with automatic login and startup programs.
+3. Configure your hypervisor to hide icons and additional decorations around the virtual machine.
+4. Setup key bindings on your window manager to start/resume and stop/suspend the virtual machine.
+
+Debian desktop
+--------------
+
+When using a debian virtual machine as a virtual desktop, consider the following:
+
+ apt-get install lightdm ratpoison plymouth
+
+Make sure to configure `/etc/lightdm/lightdm.conf` with something like
+
+ autologin-user=vagrant
+ autologin-user-timeout=0
+
+If using VirtualBox, you might also want to try [virtualbox-guest-x11](https://packages.debian.org/stable/virtualbox-guest-x11).
+
+Features
+--------
+
+* Good security through isolation.
+* Improved start/stop of your application by using virtual machine suspend/resume.
+* Minor performance penalties while running the virtual machine.
+
+Limitations
+-----------
+
+* Memory and disk consumption.
+* Clipboard might still be available to the virtual environment, see [this discussion](http://theinvisiblethings.blogspot.com.br/2011/04/linux-security-circus-on-gui-isolation.html).
+
+Future
+------
+
+* Automated expendable snapshots for one-time-use virtual machines.
+* Automated recipes (puppet/ansible).
+* Vagrant integration for fast provisioning of golden images.
+* Alternatives to the VirtualBox hypervisor.
+
+References
+----------
+
+Applications:
+
+* [vbox script](https://git.sarava.org/?p=vbox.git;a=summary).
+* [plymouth - Debian Wiki](https://wiki.debian.org/plymouth).
+
+Other implementations:
+
+* [Marco Carnut: Ambiente "Auto-Limpante" via Virtualização Ultra-Leve Descartável - Tempest Blog](http://blog.tempest.com.br/marco-carnut/ambiente-auto-limpante-via-virtualizacao-ultra-leve-descartavel.html).
+* [Subgraph OS and Mail](https://subgraph.com/sgos/index.en.html).
diff --git a/virtual/screenshot.png b/virtual/screenshot.png
new file mode 100644
index 0000000..f5541c4
--- /dev/null
+++ b/virtual/screenshot.png
Binary files differ