[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential security weakness in Guix services
|
From: |
Christopher Lemmer Webber |
|
Subject: |
Re: Potential security weakness in Guix services |
|
Date: |
Wed, 10 Feb 2021 15:54:23 -0500 |
|
User-agent: |
mu4e 1.4.13; emacs 27.1 |
Ludovic Courtès writes:
> I think it’s a good endeavor, but it’s a longer-term one since it’ll
> take some time before this new version is in use by all the Guix code.
>
> The difficulty in designing such an interface is that the Scheme API is
> more about ports than it’s about file names and file descriptors.
>
> Thanks!
>
> Ludo’.
In the long run, that might end up being safer.
In the meanwhile, we suffer the world of ACLs. ;)
(From my read, this is practically exactly the scenario from Norm
Hardy's original Confused Deputy paper...)
- Re: Potential security weakness in Guix services, (continued)
- Re: Potential security weakness in Guix services, Ludovic Courtès, 2021/02/10
- Re: Potential security weakness in Guix services, Ludovic Courtès, 2021/02/06
- TOCTTOU race (was: Potential security weakness in Guix services), Maxime Devos, 2021/02/14
- Re: TOCTTOU race (was: Potential security weakness in Guix services), Bengt Richter, 2021/02/14
- Re: TOCTTOU race, Ludovic Courtès, 2021/02/18
- Re: TOCTTOU race, Maxime Devos, 2021/02/19
- Re: TOCTTOU race, Ludovic Courtès, 2021/02/22
- Re: TOCTTOU race, Maxime Devos, 2021/02/22
- Re: TOCTTOU race, Ludovic Courtès, 2021/02/23
- Re: TOCTTOU race, Maxime Devos, 2021/02/27
- Re: Potential security weakness in Guix services,
Christopher Lemmer Webber <=