Anyone interested in maximizing their security want to do this with me?
https://gist.github.com/ehmry/66f0aafefc7b3fefb14ebede5f64f94b?_pjax=%23gist-pjax-container
I got stuck and could use a hand.
come on guys
>>60549193
What is this about OP?
If I understand correctly, you want to install NixOS and Genode on the same drive, and be able to boot from a virtual machine any of those when you are using the other.
Also
>virtualbox
dropped
>>60549418
Similar to Qubes in that it reduces attack surface area and sandboxes all your programs. You can read about Genode here:
https://genode.org/about/index
An excerpt:
The Genode OS Framework is a tool kit for building highly secure special-purpose operating systems. It scales from embedded systems with as little as 4 MB of memory to highly dynamic general-purpose workloads.
Genode is based on a recursive system structure. Each program runs in a dedicated sandbox and gets granted only those access rights and resources that are needed for its specific purpose. Programs can create and manage sub-sandboxes out of their own resources, thereby forming hierarchies where policies can be applied at each level. The framework provides mechanisms to let programs communicate with each other and trade their resources, but only in strictly-defined manners. Thanks to this rigid regime, the attack surface of security-critical functions can be reduced by orders of magnitude compared to contemporary operating systems.
The framework aligns the construction principles of L4 with Unix philosophy. In line with Unix philosophy, Genode is a collection of small building blocks, out of which sophisticated systems can be composed. But unlike Unix, those building blocks include not only applications but also all classical OS functionalities including kernels, device drivers, file systems, and protocol stacks.
It's dual booted and halfbooted with NixOS in the GitHub link I posted, for increased security and practicality through LUKS encryption, virtual machines and NixOS provides a full blown desktop environment to work. I just fuck up the latter half of the install and need help.
>>60549503
Basically, except I don't think you can boot from NixOS to Genode, only from Genode to Nix.
So the selling point here is Genode, will check that first
>>60549654
I've been getting into understanding security more, as up until recently it's always been something I've kept on the backburner, thinking it would just naturally come with time.
And recently, I've stumbled upon NixOS and other stateless systems like GuixSD, and those sounded very interesting. And naturally, this coupled with the security interest led me to Genode + NixOS.
My tech level is still relatively low though, so the end of that guide was over my head, and I'm seeking a full blown arcane Linux mage that I can get interested to help me out.
keepin this bitch at the top
Come on boys
wow that's awesome op, toasting in epic bread!!!!
>>60549777
>stateless systems
You mean stateful