Consequently, we have decided to move to hardware memory virtualization for the upcoming Qubes 4.0 release [4]. We believe this is the best _generic_ solution we can afford to implement in the near future (in addition to patching this very bug, of course)." - https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-024-2016.txt As Virtualbox and Vagrant currently run within HVMs, does this mean that Virtualbox (and other visualization tools) will likely work in AppVMs in Qubes 4?
-- --- kulinacs <nick...@kulinacs.com>
Hi all,
I teach journalism students how to use Qubes at the University of
Melbourne. One of the biggest obstacles is getting Qubes up and
running in the classroom. Currently, we have a small class set of
laptops that students share. It would be much better if students
could run Qubes inside Virtual Box on their own laptops (which are 90%
Mac). So if it's not too much effort to accommodate Qubes inside
Virtual Box, I think it could have a big impact.
As Virtualbox and Vagrant currently run within HVMs, does this mean that Virtualbox (and other visualization tools) will likely work in AppVMs in Qubes 4?
This means an L1 admin can DOS the L0 hypervisor. This is a potential security issue; for this reason, we do not recommend running nested virtualization in production yet"