Standardize mime handling in non-viewer VMs

[emkll]

In sd-proxy we use do-not-open-here to ensure files are not accidentally opened in that VMs opened in that VM. Give that the VM is networked, the risk of exfiltration is higher than other VMs. However, to ensure defense-in-depth and prevent accidental opening of files in VMs that are not disposable, we should consider applying this to all workstation VMs (except sd-viewer).

[1] https://github.com/freedomofpress/securedrop-workstation/tree/3d965da45dd6efe6133433b018c757e5e13324f5/sd-proxy

[conorsch]

Great idea. Would recommend writing the mimeapps.list to private volumes, so that different VMs can have unique settings, regardless of which apt packages are installed (#471). Also useful in that home-paths override the system-level paths:

$ which gimp feh
/usr/bin/gimp
/usr/bin/feh
$ xdg-mime query default image/jpeg
gimp.desktop
$ echo -e "[Default Applications]\nimage/jpeg=feh.desktop" > ~/.config/mimeapps.list
$ xdg-mime query default image/jpeg
feh.desktop

[zenmonkeykstop]

Closing - the default was flipped to open-in-dvm by default. This was considered safe as the default dispVM is non-networked. See freedomofpress/securedrop-builder#198