[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential security weakness in Guix services
From: |
Ludovic Courtès |
Subject: |
Re: Potential security weakness in Guix services |
Date: |
Sat, 06 Feb 2021 22:28:22 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) |
Maxime Devos <maximedevos@telenet.be> skribis:
> On Fri, 2021-02-05 at 13:20 +0100, Maxime Devos wrote:
>> On Fri, 2021-02-05 at 10:57 +0100, Ludovic Courtès wrote:
>> > [...]
>> [...]
>>
>> I'll try to implement this API in Scheme (using the FFI), and post
>> it at https://notabug.org/mdevos/things. I'll post a follow-up
>> messsage once I've implemented the basics (openat, chmodat,
>> chownat).
>
> Ping!
> https://notabug.org/mdevos/things/src/a0715e6758ad43252e16993dcf688a25156057f3/fs-at.scm
Nice!
I just remembered this subtlety: during bootup, the activation code is
evaluated by the Guile that’s in the initrd, which is a
statically-linked Guile, and thus we can’t use ‘dynamic-link’ & co. in
there. :-/
(That’s why we carry ‘guile-linux-syscalls.patch’.)
Ludo’.
- Re: Potential security weakness in Guix services, Ludovic Courtès, 2021/02/01
- Re: Potential security weakness in Guix services, Julien Lepiller, 2021/02/01
- Re: Potential security weakness in Guix services, Maxime Devos, 2021/02/01
- Re: Potential security weakness in Guix services, Ludovic Courtès, 2021/02/02
- Re: Potential security weakness in Guix services, Maxime Devos, 2021/02/02
- Re: Potential security weakness in Guix services, Maxime Devos, 2021/02/02
- Re: Potential security weakness in Guix services, Ludovic Courtès, 2021/02/05
- Re: Potential security weakness in Guix services, Maxime Devos, 2021/02/05
- Re: Potential security weakness in Guix services, Maxime Devos, 2021/02/05
- Re: Potential security weakness in Guix services,
Ludovic Courtès <=
- Re: Potential security weakness in Guix services, Maxime Devos, 2021/02/06
- Re: Potential security weakness in Guix services, Ludovic Courtès, 2021/02/10
- Re: Potential security weakness in Guix services, Ludovic Courtès, 2021/02/06
- TOCTTOU race (was: Potential security weakness in Guix services), Maxime Devos, 2021/02/14
- Re: TOCTTOU race (was: Potential security weakness in Guix services), Bengt Richter, 2021/02/14
- Re: TOCTTOU race, Ludovic Courtès, 2021/02/18
- Re: TOCTTOU race, Maxime Devos, 2021/02/19
- Re: TOCTTOU race, Ludovic Courtès, 2021/02/22
- Re: TOCTTOU race, Maxime Devos, 2021/02/22
- Re: TOCTTOU race, Ludovic Courtès, 2021/02/23