[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug#1066113: guix: CVE-2024-27297
From: |
pelzflorian (Florian Pelz) |
Subject: |
Re: Bug#1066113: guix: CVE-2024-27297 |
Date: |
Sun, 24 Mar 2024 14:23:15 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) |
On 2024-03-16, Vagrant Cascadian wrote:
> For anyone with Guix or Nix installed, if I understand correctly, it
> basically allows arbitrarily replacing the source code for anything that
> you might build using Guix or Nix.
Yes, for multi-user systems and people running untrusted code in “guix
shell -CW” container isolation, there is risk.
Regards,
Florian