On Sat, Feb 25, 2017 at 6:50 PM, john.david.r.smith <john.davi...@openmailbox.org> wrote:
> On 25/02/17 04:14, Oleg Artemiev wrote:
>>
>> Hi.
>>
>> If I want to run VMs from one Qubes in another
> why would you even dualboot two qubes versions?
Some activities are useless to encrypt, i.e. social networking and
some others. Encryption gives useless overhead.
I want 1 Qubes OS unencrypted and 1 Qubes OS encrypted for everything
else + activities from unencrypted Qubes also enabled.
>> would it be possible to
>> have different coloring for the same VM in different Qubes OS instances?
> here the question is, what files would you share?
For example:
/var/lib/qubes/appvms/public-activity-vm/
or if it makes any sense I may share files individually:
/var/lib/qubes/appvms/public-activity-vm/*
> i am not sure, where the label is saved, but if you only share the images,
> it should work (but i am still not sure what you are trying to do).
Run the same VM in different boots of Qubes OS on the same computer.
>> Is this possible from a VM to attack Dom0 by altering VM image files or
>> this is just files and adversary able to rewrite image in one Qubes has no
>> option to appear outside VM when it is loaded in another Qubes OS
>> instance?
> a vm can always only write data inside of an image.
> if a vm can write data in dom0, your system is owned and you need something
> as aem to protect the other instance.
> but even with aem, i think one qubes dom0 A could compromise the other dom0
> B, since A can somehow read and write files of B.
A is not encrypted, B is encrypted, A never used to mount something
from B and has no clue about B's LUKS password.
> but if you assume both dom0 are secure, i don't see a problem.
A is not as secure as B. If A is compromised I'm not glad, but it's
not very important - all accounts I would use from A are already
somewhat public.
It looks like before booting into B I should check bootloader and
/boot consistency of B w/ some sort of usb stick.