bug#37744: Per-user profile directory hijack (CVE-2019-17365 for Nix)

[Bengt Richter]

Hi Ludo, Tobias,

On +2019-10-17 22:25:58 +0200, Ludovic Courtès wrote:
> Hallo!
> 
> Tobias Geerinckx-Rice <address@hidden> skribis:
> 
> > Ludovic Courtès 写道：
> >> See https://issues.guix.gnu.org/issue/37744
> >
> > Will this be automatically linkified?
> 
> Yes, I think so.
> 
> >> # Upgrading
> >>
> >> On multi-user systems, we recommend upgrading the daemon now.
> >>
> >> To upgrade the daemon on a “foreign distro”, run something along
> >> these
> >
> > Imperialist nitpick: why list the foreigners first?  :-)
> >
> > Anti-imperialist nitpick: reversing the two allows using ‘other
> > distributions’ instead of ‘foreign’ which always sounds a bit
> > dismissive to my ears.
> >
> > End nitpick.
> 
> That makes sense to me; I’m not satisfied with “foreign” either (I think
> the inspiration came from FFIs, but still).  Maybe “fellow distros”?
> :-)

Is not the important distinction whether the "foreign distro" can be generated
with pure guix libre components using a pure guix tool chain vs not?

Maybe define a (guix-auditable? "/") test and then 
s/foreign/non-guix-auditable/g
in docs and discussions?

Just a thought :)
__
Regards,
Bengt Richter