[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Profiles/manifests-related command line interface enhancements
From: |
Bengt Richter |
Subject: |
Re: Profiles/manifests-related command line interface enhancements |
Date: |
Wed, 13 Nov 2019 12:58:21 -0800 |
User-agent: |
Mutt/1.12.1 (2019-06-15) |
Hi Andy, Guix...
On +2019-11-12 09:55:27 +0100, Andy Wingo wrote:
> On Sun 10 Nov 2019 10:36, Konrad Hinsen <address@hidden> writes:
>
> > One direction could be to add a sandboxing feature to Guile, which would
> > be nice-to-have for other uses as well if Guile is to become a
> > general-purpose systems scripting language. There are some interesting
> > ideas in shill (http://shill.seas.harvard.edu/) for this scenario.
>
> I wrote this for that purpose:
>
>
> https://www.gnu.org/software/guile/manual/html_node/Sandboxed-Evaluation.html
>
> However I can't recommend it as a robust security layer because of the
> weaknesses in the heap allocation limit; discussed in the page above.
>
> I agree that Shill has some great patterns that go beyond what Guile or
> Guix has, and that adopting some of them is a really interesting idea
> :-)
>
> I admit that I was a bit depressed at the impact that Spectre et al has
> had on language-level sandboxing abstractions :-( and haven't much
┌───────────────────────────────────────────────────────────────────────────┐
│ > pursued this line since then. In practice Guix's "containerized" build │
│ > jobs are much more effective than in-language barriers. │
└───────────────────────────────────────────────────────────────────────────┘
>
> Cheers,
>
> Andy
>
Would it be possible to have a sand-box daemon like the build daemon
which could run sandboxed guile expressions safely?
If designed for the future, maybe such a daemon's interface could anticipate
replacing the daemon and talking to a hypervisor dom0 as in Qubes-OS?
--
Regards,
Bengt Richter
--8<----(OT PS)-----------cut here---------------start------------->8---
Andy, have you looked at glTF and sketchfab?
Would you be interested in bringing that kind of 3D graphics into
the Guix package world? (or are you or someone already doing something? :)
https://sketchfab.com/features/gltf
Have a look with firefox (my icecat on top of weston-launch shows the static
images beautifully, but no dynamics, need to get js going).
Play with rotating and zooming, really nice, plus animated stuff ;-)
I think it would be super-cool to have this 3D modeling capability
for Guix presentations, toys and fun ;-)
--8<----(OT PS)-----------cut here---------------end--------------->8---
- Re: Profiles/manifests-related command line interface enhancements, (continued)
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/07
- Re: Profiles/manifests-related command line interface enhancements, Pierre Neidhardt, 2019/11/07
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/07
- Re: Profiles/manifests-related command line interface enhancements, Pierre Neidhardt, 2019/11/07
- Re: Profiles/manifests-related command line interface enhancements, Ludovic Courtès, 2019/11/09
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/10
- A better XML, config is code (was Re: Profiles/manifests-related command line...), Giovanni Biscuolo, 2019/11/11
- Re: A better XML, config is code (was Re: Profiles/manifests-related command line...), Konrad Hinsen, 2019/11/13
- Re: Profiles/manifests-related command line interface enhancements, Andy Wingo, 2019/11/12
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/12
- Re: Profiles/manifests-related command line interface enhancements,
Bengt Richter <=
- Re: Profiles/manifests-related command line interface enhancements, Ludovic Courtès, 2019/11/16
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/17
- Re: Profiles/manifests-related command line interface enhancements, zimoun, 2019/11/18
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/19
- Re: Profiles/manifests-related command line interface enhancements, Ludovic Courtès, 2019/11/23
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/25
- On DSLs, Ludovic Courtès, 2019/11/26
- Re: Profiles/manifests-related command line interface enhancements, Hartmut Goebel, 2019/11/11
- Re: Profiles/manifests-related command line interface enhancements, Ludovic Courtès, 2019/11/16
- Re: Profiles/manifests-related command line interface enhancements, Konrad Hinsen, 2019/11/17