From b4550e6c215161995794bdb19a0b151731f9cf69 Mon Sep 17 00:00:00 2001 From: pierwill <19642016+pierwill@users.noreply.github.com> Date: Thu, 8 Aug 2019 19:48:38 -0500 Subject: [PATCH] Edit RPC services section of qrexec docs --- developer/services/qrexec3.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/developer/services/qrexec3.md b/developer/services/qrexec3.md index e908a2ed..3b99ef10 100644 --- a/developer/services/qrexec3.md +++ b/developer/services/qrexec3.md @@ -65,10 +65,10 @@ Number of available vchan channels is the limiting factor here, it depends on th ## Qubes RPC services -Some tasks (like inter-vm file copy) share the same RPC-like structure: a process in one VM (say, file sender) needs to invoke and send/receive data to some process in other VM (say, file receiver). -Thus, the Qubes RPC framework was created, facilitating such actions. +Some common tasks (like copying files between VMs) have an RPC-like structure: a process in one VM (say, the file sender) needs to invoke and send/receive data to some process in other VM (say, the file receiver). +The Qubes RPC framework was created to securely facilite a range of such actions. -Obviously, inter-VM communication must be tightly controlled to prevent one VM from taking control over other, possibly more privileged, VM. +Obviously, inter-VM communication must be tightly controlled to prevent one VM from taking control of another, possibly more privileged, VM. Therefore the design decision was made to pass all control communication via dom0, that can enforce proper authorization. Then, it is natural to reuse the already-existing qrexec framework. @@ -84,7 +84,7 @@ Additionally, disposable VMs are tightly integrated -- RPC to a DisposableVM is -The dom0 directory `/etc/qubes-rpc/policy/` contains a group of files for available RPC actions. +The dom0 directory `/etc/qubes-rpc/policy/` contains files for each available RPC action. Together their contents make up the RPC access policy database. Currently, the defined actions are: