Open marmarek opened 5 years ago
Generally admin.Events is more tricky than that, because it also discloses a bunch of other information - like property values when they are being set. This could be handled in a similar manner (analyze policy for admin.vm.property.Get with appropriate argument, for example), but this is left for future extension, not part of this issue.
The problem you're addressing (if any)
Writing policy for management VM for qvm-* tools to work requires multiple trade-offs. For example:
Describe the solution you'd like
admin.vm.List output (which when directed to dom0 - lists all the VMs) to a list of VMs explicitly allowed in admin.vm.List policy, even when the call is to dom0.
Where is the value to a user, and who might that user be?
Ease writing concise and precise Admin API policy. Basically, remove catches mentioned in https://www.qubes-os.org/news/2017/06/27/qubes-admin-api/#simple-management-vm-demo
Related, non-duplicate issues
3293
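
The filtering this issue asks for, sketched as an added example (not code from the issue or from Qubes OS): admin.vm.List output is reduced to the VMs that the admin.vm.List policy explicitly allows for the caller, including when the call targets dom0. The three-column rule form, first-match evaluation, the @anyvm/@adminvm tokens and all VM names are assumptions made for the illustration.

```python
# Added illustration, not Qubes OS code. Rules use a simplified
# "source target action" form; every VM name here is constructed.
POLICY = """\
mgmtvm work allow
mgmtvm personal allow
mgmtvm vault deny
mgmtvm @adminvm allow
mgmtvm @anyvm deny
"""

# Constructed sample in the shape of admin.vm.List output.
VM_LIST = """\
dom0 class=AdminVM state=Running
work class=AppVM state=Running
personal class=AppVM state=Halted
vault class=AppVM state=Halted
sys-net class=AppVM state=Running
"""

def parse_policy(text):
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            source, target, action = line.split()[:3]
            rules.append((source, target, action.split(",")[0]))
    return rules

def matches(token, vm, is_admin):
    if token == "@anyvm":       # assumed: any VM except the AdminVM
        return not is_admin
    if token == "@adminvm":     # assumed: only the AdminVM (dom0)
        return is_admin
    return token == vm

def allowed(rules, caller, target, target_is_admin):
    # First matching rule decides; no matching rule means deny.
    for src, tgt, action in rules:
        if matches(src, caller, False) and matches(tgt, target, target_is_admin):
            return action == "allow"
    return False

def filter_vm_list(output, rules, caller):
    # Keep only the lines for VMs the caller may call admin.vm.List on.
    kept = []
    for line in output.splitlines():
        name, *props = line.split()
        if allowed(rules, caller, name, "class=AdminVM" in props):
            kept.append(line)
    return kept
```

With this policy, a call from mgmtvm returns only the dom0, work and personal lines; vault and sys-net never appear in the reply, and a caller with no rules gets an empty list.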