Here
https://www.qubes-os.org/news/2015/12/14/mgmt-stack/, Marek
Marczykowski-Górecki sais (referring to the core rewrite back then
ongoing for 4.)):
+ Then, based on this functionality, we will be able to create a
+ Management VM, which will allow secure, centralized management of
+ Qubes OS installations in an organization or company. But to do it
+ securely, we need to first finish some major rework of Qubes core
+ management code (“core3”), which is planned for Qubes 4.0. Then it
+ will be possible to implement Management VM in a way so that it will
+ have no access to user data, only ability to manage configuration of
+ (selected) VMs.
This is exactly what I want - plus limited tor/net connectivity to
track/backup my salt infrastructure in a gpg-encrypted git repo ...
Are we there yet?
Joh