guix-patches
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment'


From: Maxime Devos
Subject: [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment'
Date: Mon, 04 Oct 2021 19:12:40 +0200
User-agent: Evolution 3.34.2

Ludovic Courtès schreef op ma 04-10-2021 om 10:34 [+0200]:
> Hello!
> 
> Vagrant Cascadian <vagrant@debian.org> skribis:
> 
> > On 2021-10-02, Ludovic Courtès wrote:
> 
> [...]
> 
> > >   2. ‘guix shell’, without arguments, loads ‘guix.scm’ or ‘manifest.scm’
> > >      from the current directory or one of its ancestors.
> > 
> > This sounds a little scary to me, just implicitly importing whatever
> > happens to be lying around doesn't sound very guixy...
> 
> Right, it would be the first command that does that.
> 
> I became quite convinced that conventions and, thus, implicit arguments
> can occasionally improve usability.  We use tools that operate this way
> daily: ‘make’, ‘git’, etc.  Dave nicely argued about it:

'git' doesn't run binaries in the repository, unless configured otherwise
(in .git/config I think).  ‘make’ and ‘bundle’ are verbs and are for building
source code, which needs to be checked for backdoors anyway, so those programs
implicitely reading code from the current directory seems acceptable.

"guix sh" seems to be useful outside software development.
E.g. I sometimes do
"guix environment --pure --ad-hoc minetest various-minetest-mods-... -- 
minetest",
which would become
"guix shell --pure minetest various-minetest-mods-... -- minetest".
I could very easily accidentally press the enter key after typing "shell"
(I write from personal experience), and this could easily happen from within,
say, a ~/Downloads directory with an untrusted guix.scm (e.g. downloaded from
some rando's site to look at later).

Conventions are nice, but loading arbitrary code from the current directory
by default is an exploit waiting to happen.  This situation seem like including 
"."
in PATH by default to me.

Greetings,
Maxime

Attachment: signature.asc
Description: This is a digitally signed message part


reply via email to

[Prev in Thread] Current Thread [Next in Thread]