bug#48146: Getting diverted to non-updated branches: a limitation of the

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#48146: Getting diverted to non-updated branches: a limitation of the

From:	Leo Famulari
Subject:	bug#48146: Getting diverted to non-updated branches: a limitation of the authentication mechanism?
Date:	Sun, 2 May 2021 00:09:50 -0400

On Sat, May 01, 2021 at 11:40:01PM +0200, Maxime Devos wrote:
> Tags: + security
> 
> Hi guix,
> 
> Consider the following situation:

Check this blog post and The Update Framework's concept of "indefinite
freeze attacks", which I think is what you are describing:

https://guix.gnu.org/en/blog/2020/securing-updates/
https://theupdateframework.io/ (check the "specification")

[Prev in Thread]

Current Thread

[Next in Thread]

bug#48146: Getting diverted to non-updated branches: a limitation of the authentication mechanism?, Maxime Devos, 2021/05/01
- bug#48146: Getting diverted to non-updated branches: a limitation of the authentication mechanism?, Leo Famulari <=
- bug#48146: Getting diverted to non-updated branches: a limitation of the authentication mechanism?, Ludovic Courtès, 2021/05/05
  - bug#48146: Getting diverted to non-updated branches: a limitation of the authentication mechanism?, Maxime Devos, 2021/05/06

Prev by Date: bug#48152: no code for module (json) on guix upgrade
Next by Date: bug#48156: basic system test broken: qemu-system-x86_64: error while loading shared libraries: libXcursor.so.1: cannot open shared object file: No such file or directory
Previous by thread: bug#48146: Getting diverted to non-updated branches: a limitation of the authentication mechanism?
Next by thread: bug#48146: Getting diverted to non-updated branches: a limitation of the authentication mechanism?
Index(es):
- Date
- Thread