[bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment'

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment'

From:	pelzflorian (Florian Pelz)
Subject:	[bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment'
Date:	Sat, 2 Oct 2021 17:08:51 +0200

On Sat, Oct 02, 2021 at 03:40:00PM +0200, Ludovic Courtès wrote:
> "pelzflorian (Florian Pelz)" <pelzflorian@pelzflorian.de> skribis:
> > On Sat, Oct 02, 2021 at 12:21:16PM +0200, Ludovic Courtès wrote:
> >> 2. ‘guix shell’, without arguments, loads ‘guix.scm’ or ‘manifest.scm’
> >>    from the current directory or one of its ancestors.
> > This however is concerning.  Users will not expect guix to execute
> > arbitrary code.  Maybe print a suggestion to maybe --file the file
> > instead.
> I think it’s fine as long as, as in the case of ‘haunt build’ or ‘make’
> or ‘git’, it’s properly documented.  Also, ‘guix shell’ unconditionally
> writes a message.

Let’s say I have downloaded undesirable code to a file
/home/florian/Downloads/guix.scm and am hacking on source code in
/home/florian/Downloads/something/ where I run `guix shell`, but
/home/florian/Downloads/something/ does not in fact contain a
guix.scm file.  Now I’d have accidentally run the other guix.scm.

Also `make` is typically used without arguments, but a novice `guix
shell` user might know `guix shell program-a program-b` but is
surprised when running `guix shell` without arguments in an untrusted
directory.

But yes, git hooks are dangerous too.

Regards,
Florian

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#50960] [PATCH 10/10] shell: Maintain a profile cache., (continued)
- [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Jelle Licht, 2021/10/02
  - [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Ludovic Courtès, 2021/10/02
- [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', pelzflorian (Florian Pelz), 2021/10/02
  - [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Ludovic Courtès, 2021/10/02
    - [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', pelzflorian (Florian Pelz) <=
    - [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Ludovic Courtès, 2021/10/04
    - [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', pelzflorian (Florian Pelz), 2021/10/04
    - [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Maxime Devos, 2021/10/04
- [bug#50960] ‘guix shell’ shebangs, Ludovic Courtès, 2021/10/02
  - [bug#50960] ‘guix shell’ shebangs, Katherine Cox-Buday, 2021/10/03
- [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Christine Lemmer-Webber, 2021/10/02
- [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Vagrant Cascadian, 2021/10/02
  - [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Nicolò Balzarotti, 2021/10/03
  - [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Ludovic Courtès, 2021/10/04
    - [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment', Maxime Devos, 2021/10/04

Prev by Date: [bug#50960] [PATCH 10/10] shell: Maintain a profile cache.
Next by Date: [bug#50873] [PATCH 0/5] Fixes to ‘guix home import’
Previous by thread: [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment'
Next by thread: [bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment'
Index(es):
- Date
- Thread