[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#73166: shell-autorized-directories
|
From: |
Suhail Singh |
|
Subject: |
bug#73166: shell-autorized-directories |
|
Date: |
Mon, 11 Nov 2024 20:46:10 -0500 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) |
Saku Laesvuori via Bug reports for GNU Guix <bug-guix@gnu.org> writes:
> Anyway, I am not opposed to this change. The only effects for my use
> cases are positive (nicer UI with the --allow flag). I just want to
> point out that I don't think this makes any attacks significantly
> harder.
FWIW, this summarizes my belief as well. I do see some improvements in
convenience, but the threat model where this improves security (threat
actor has access to the repository, but the files are such that the
threat actor isn't able to modify their semantics without first
modifying the files) seems contrived. Am I mistaken?
If not, while I don't have objections to the change (and do believe it
has some value), I do have reservations about claiming security
benefits.
--
Suhail
- bug#73166: shell-autorized-directories, Nicolas Graves, 2024/11/09
- bug#73166: shell-autorized-directories, Saku Laesvuori, 2024/11/10
- bug#73166: shell-autorized-directories, Nicolas Graves, 2024/11/10
- bug#73166: shell-autorized-directories, Saku Laesvuori, 2024/11/11
- bug#73166: shell-autorized-directories, Nicolas Graves, 2024/11/11
- bug#73166: shell-autorized-directories,
Suhail Singh <=
- bug#73166: shell-autorized-directories, Nicolas Graves, 2024/11/12
- bug#73166: shell-autorized-directories, Suhail Singh, 2024/11/12
- bug#73166: shell-autorized-directories, Nicolas Graves, 2024/11/12
- bug#73166: shell-autorized-directories, Suhail Singh, 2024/11/12
- bug#73166: shell-autorized-directories, Saku Laesvuori, 2024/11/14