Page MenuHomePhabricator
Create Task
Maniphest T398

Qubes-Whonix whonixcheck sanity test for 'prevent dom0 telling Qubes-Whonix VMs the time'
Closed, ResolvedPublic
Actions

Description

When prevent dom0 telling Qubes-Whonix VMs the time T397 is implemented, whonixcheck should add a sanity test to see if that won't break over time.

Implementation:

  • qubes-whonix 12's /etc/qubes-rpc/qubes.SetDateTime[.anondist] can forward everything dom0 is [not] telling to a file.
  • From there whonixcheck can check if that file exists. If it exists, then T397 is either broken or not yet implemented.

Details

Impact
Normal

Related Objects

Event Timeline

Patrick created this task.Aug 16 2015, 4:10 AM
Patrick updated the task description. (Show Details)
Patrick raised the priority of this task from to Normal.
Patrick claimed this task.
Patrick added projects: Whonix, Qubes, security, bug, Whonix 12, whonixcheck, qubes-whonix 12.
Patrick set Impact to Normal.
Patrick added subscribers: Patrick, WhonixQubes, troubadour and 2 others.
Patrick added a comment.Aug 18 2015, 3:48 AM

/etc/qubes-rpc/qubes.SetDateTime.anondist: dom0 should not tell us its time. But if it does, create a file /var/run/qubes-whonix/qubes.SetDateTime so whonixcheck could warn in case this file exists. - https://phabricator.whonix.org/T398:
https://github.com/Whonix/qubes-whonix/commit/300d09b2514019e67fec16403177092f14504ba2

Patrick closed this task as Resolved.Aug 18 2015, 4:01 AM

Added an info level message when running with --verbose if dom0 is telling us the time. As long as https://phabricator.whonix.org/T397 is unsolved. - https://phabricator.whonix.org/T398:
https://github.com/Whonix/whonixcheck/commit/0019e00e28ef85cdd95937d4d1e134335a03af18

Whonix Issue Tracker · Unread Notifications · Open Issues · Homepage · Blog · Forum · Github · Legal · Imprint · Privacy Policy · Terms of Use · Disclaimer