guix-devel

Re: Mitigating "dependency confusion" attacks on Guix users


From: Jonathan Frederickson
Subject: Re: Mitigating "dependency confusion" attacks on Guix users
Date: Wed, 10 Feb 2021 09:33:23 -0500
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:78.0) Gecko/20100101 Thunderbird/78.7.1

On 2/10/21 2:51 AM, Christopher Baines wrote:
> I'm not sure you can escape trusting the collection of channels you're
> using. Because channels are code that's expected to interact, I'm not
> sure it's easy to target a single package from a specific channel, and
> expect that this provides some security. A malicious channel could
> simply reach out and modify the state in modules from a different
> channel, which would circumvent the protection you're suggesting.

Not that it's necessarily possible to prevent at this moment with the tools available to us, but... is there any case in Guix's normal usage where the modules containing package definitions need to reach out and modify the state in other modules?
