After more than one year I've completed my old proof of concept (with the help of cute NixOS fellows like @cab404) of QubesOS-like application VMs that works on every GNU/Linux distro.

Still far from being released, so I'll be happy to hear your thoughts!

@dump_stack @cab404 hello! you might be interested in the work I’m doing at, which aims to provide a complete Qubes-like system with similar security benefits entirely configured with Nix.

One thing I have that you might find useful is that I have integration with a host system’s Wayland compositor over virtio_wl, which gives a nicer experience than VNC/etc, which it looks like you’re using here from the screenshot.

@qyliss @dump_stack sounds really nice, will check it out later! I am really interested in the Wayland integration part.
The problem with OS level compartmentalisation though is that you can't install it as an app on a regular system, as with firejail. And we are trying to fill that gap between secure execution environment like in qubes, and ease of use and versatility like fj.

