Mike Keehan: > On 8/11/20 7:21 PM, Mike Keehan wrote: >> On 8/11/20 7:13 PM, Toptin wrote: >>> Mike Keehan: >>>> On 8/11/20 6:08 PM, Toptin wrote: >>>>> Toptin: >>>>>> Dear Qubes Users, >>>>>> >>>>>> I'm currently digging my way through the exceptional good Qubes >>>>>> documentation. Everything is nicely explained as to why a certain >>>>>> decision / implementation was made, except for the use of Fedora >>>>>> as main >>>>>> distribution. >>>>>> >>>>>> I wonder what's the rationale of that decision; Fedora 25 isn't even >>>>>> supported anymore. No offense or critic intended, just curiosity. >>>>>> >>>>>> Regards, toptin. >>>>>> >>>>> >>>>> I still look for the rationale; what was/is the technical necessity to >>>>> use Fedora. I do not look for ideologies, because I don't have one in >>>>> regard to an OS. I choose an OS based on the objective I have in mind. >>>>> >>>> >>>> This subject has been discussed many times on this list, plus there are >>>> documented reasons for this on the website. You will have to search >>>> for >>>> them, I can't remember the urls. >>> >>> I actually did search the webpage and even read the architectural design >>> paper and the website, but I couldn't find anything in regard technical >>> necessity. >>> >>> What I found was this: >>> >>> " >>> But why trust Fedora? >>> >>> Because we chose to use Fedora as a vendor for the Qubes OS foundation >>> (e.g. for Dom0 packages and for AppVM packages). We also chose to trust >>> several other vendors, such as Xen.org, kernel.org, and a few others >>> whose software we use in Dom0. We had to trust somebody as we are unable >>> to write all the software from scratch ourselves. But there is a big >>> difference in trusting all Fedora packages to be non-malicious (in terms >>> of installation scripts) vs. trusting all those packages are non-buggy >>> and non-exploitable. We certainly do not assume the latter. >>> " >>> Taken from https://www.qubes-os.org/doc/templates/ today. >>> >>> So, if that's all than it wasn't a technical decision just a choice, >>> probably just because the developer was used to it: see 3rd reply by >>> Jeff Kayser. >>> >>>> >>>> Mike >>>> >>> >> The reasons why the developers believe an old Fedora release is >> safe in dom0 has been explained before. I think it was Marek >> who replied to an email question. It made perfect sense at the >> time, but I couldn't quote it after all this time. >> >> Mike. >> > > A bit of searching found this - > > https://www.qubes-os.org/doc/supported-versions/#note-on-dom0-and-eol >
Thanks, must have overlooked it. So, so far I gather the rationale to use Fedora is less a technical but more a trust (signed packages) rationale and with which distribution the developers were comfortable. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/1ecb3b49-50fa-c15f-e874-07013f29d1dc%40riseup.net.
