* bug#41602: texlive-texmf is actually subtitutable @ 2020-05-29 15:15 Ludovic Courtès 2020-05-29 18:04 ` Leo Famulari 2020-05-30 4:06 ` Bengt Richter 0 siblings, 2 replies; 5+ messages in thread From: Ludovic Courtès @ 2020-05-29 15:15 UTC (permalink / raw) To: 41602 Strangely, ‘texlive-texmf’ (the big one) is substitutable: --8<---------------cut here---------------start------------->8--- $ guix describe Generacio 145 May 25 2020 00:37:58 (nuna) guix 9744cc7 repository URL: https://git.savannah.gnu.org/git/guix.git branch: master commit: 9744cc7b4636fafb772c94adb8f05961b5b39f16 $ guix environment --ad-hoc texlive -- texdoc biblatex 2.6 MB will be downloaded: /gnu/store/7ji4l3szj68b0r5w10bvvdx1vy6nhz5p-subversion-1.10.6 downloading from https://ci.guix.gnu.org/nar/lzip/7ji4l3szj68b0r5w10bvvdx1vy6nhz5p-subversion-1.10.6 ... subversion-1.10.6 2.5MiB 7.2MiB/s 00:00 [##################] 100.0% La jena derivo estos konstruata: /gnu/store/55yx02hr0dz47px1aj0j14xll3bsrmml-texlive-texmf-20190410.drv 2,845.8 MB will be downloaded: /gnu/store/nm6w84c9zj3yiylal3dk1sqzxq11sjzw-texlive-20190410-texmf.tar.xz /gnu/store/xpkl70g3bls935h1zdlq7sn2j6rccp3k-texlive-20190410 downloading from https://ci.guix.gnu.org/nar/lzip/z4xvgiliw5baf1pr4z03c7n2hw3bm5x5-texlive-texmf-20190410 ... texlive-texmf-20190410 2.61GiB --8<---------------cut here---------------end--------------->8--- The info suggests it won’t be substituted, but it’s eventually substituted. I wonder why, because the .drv has: ("allowSubstitutes","0") and the daemon has: bool substitutesAllowed(const Derivation & drv) { return get(drv.env, "allowSubstitutes", "1") == "1"; } and: if (settings.useSubstitutes && substitutesAllowed(drv)) foreach (PathSet::iterator, i, invalidOutputs) addWaitee(worker.makeSubstitutionGoal(*i, buildMode == bmRepair)); Thoughts? Ludo’. ^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#41602: texlive-texmf is actually subtitutable 2020-05-29 15:15 bug#41602: texlive-texmf is actually subtitutable Ludovic Courtès @ 2020-05-29 18:04 ` Leo Famulari 2020-05-30 14:07 ` Ludovic Courtès 2020-05-30 4:06 ` Bengt Richter 1 sibling, 1 reply; 5+ messages in thread From: Leo Famulari @ 2020-05-29 18:04 UTC (permalink / raw) To: Ludovic Courtès; +Cc: 41602 On Fri, May 29, 2020 at 05:15:40PM +0200, Ludovic Courtès wrote: > The info suggests it won’t be substituted, but it’s eventually > substituted. I wonder why, because the .drv has: > > ("allowSubstitutes","0") > > and the daemon has: > > bool substitutesAllowed(const Derivation & drv) > { > return get(drv.env, "allowSubstitutes", "1") == "1"; > } > > and: > > if (settings.useSubstitutes && substitutesAllowed(drv)) > foreach (PathSet::iterator, i, invalidOutputs) > addWaitee(worker.makeSubstitutionGoal(*i, buildMode == bmRepair)); > > Thoughts? I wonder if the content-addressed fallbacks take a different code path that doesn't respect "allowSubstitutes"? ^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#41602: texlive-texmf is actually subtitutable 2020-05-29 18:04 ` Leo Famulari @ 2020-05-30 14:07 ` Ludovic Courtès 2024-04-03 2:09 ` Maxim Cournoyer 0 siblings, 1 reply; 5+ messages in thread From: Ludovic Courtès @ 2020-05-30 14:07 UTC (permalink / raw) To: Leo Famulari; +Cc: 41602 Hi, Leo Famulari <leo@famulari.name> skribis: > On Fri, May 29, 2020 at 05:15:40PM +0200, Ludovic Courtès wrote: >> The info suggests it won’t be substituted, but it’s eventually >> substituted. I wonder why, because the .drv has: >> >> ("allowSubstitutes","0") >> >> and the daemon has: >> >> bool substitutesAllowed(const Derivation & drv) >> { >> return get(drv.env, "allowSubstitutes", "1") == "1"; >> } >> >> and: >> >> if (settings.useSubstitutes && substitutesAllowed(drv)) >> foreach (PathSet::iterator, i, invalidOutputs) >> addWaitee(worker.makeSubstitutionGoal(*i, buildMode == bmRepair)); >> >> Thoughts? > > I wonder if the content-addressed fallbacks take a different code path > that doesn't respect "allowSubstitutes"? It does, but this texlive-texmf.drv is not a fixed-output derivation. Ludo’. ^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#41602: texlive-texmf is actually subtitutable 2020-05-30 14:07 ` Ludovic Courtès @ 2024-04-03 2:09 ` Maxim Cournoyer 0 siblings, 0 replies; 5+ messages in thread From: Maxim Cournoyer @ 2024-04-03 2:09 UTC (permalink / raw) To: Ludovic Courtès; +Cc: 41602, Leo Famulari Hello, Ludovic Courtès <ludo@gnu.org> writes: > Hi, > > Leo Famulari <leo@famulari.name> skribis: > >> On Fri, May 29, 2020 at 05:15:40PM +0200, Ludovic Courtès wrote: >>> The info suggests it won’t be substituted, but it’s eventually >>> substituted. I wonder why, because the .drv has: >>> >>> ("allowSubstitutes","0") >>> >>> and the daemon has: >>> >>> bool substitutesAllowed(const Derivation & drv) >>> { >>> return get(drv.env, "allowSubstitutes", "1") == "1"; >>> } >>> >>> and: >>> >>> if (settings.useSubstitutes && substitutesAllowed(drv)) >>> foreach (PathSet::iterator, i, invalidOutputs) >>> addWaitee(worker.makeSubstitutionGoal(*i, buildMode == bmRepair)); >>> >>> Thoughts? >> >> I wonder if the content-addressed fallbacks take a different code path >> that doesn't respect "allowSubstitutes"? > > It does, but this texlive-texmf.drv is not a fixed-output derivation. I just verified; this still happens: --8<---------------cut here---------------start------------->8--- $ guix build texlive -n substitute: mise à jour des substituts depuis « https://ci.guix.gnu.org »... 100.0 % La dérivation suivante serait compilée : /gnu/store/ym96pipknrh6khzc3ws8ychiy6224y61-texlivetexmf-20230313.drv 3 880,6 Mo seraient téléchargés : /gnu/store/rzczwmmkvpkahy0mgpahav0yx37ci61b-texlive-20230313-texmf.tar.xz /gnu/store/bcc5071mvprhp4yj1jimlhyyi499d2ba-texlivebin-20230313 /gnu/store/bd4mzanvv7q2plm2b6zld8cz3fy0x34a-texlive-20230313 maxim@hurd ~/src/guix [env]$ guix build /gnu/store/bd4mzanvv7q2plm2b6zld8cz3fy0x34a-texlive-20230313 substitute: mise à jour des substituts depuis « https://ci.guix.gnu.org »... 100.0 % substitution de /gnu/store/bcc5071mvprhp4yj1jimlhyyi499d2ba-texlivebin-20230313... téléchargement depuis https://ci.guix.gnu.org/nar/lzip/bcc5071mvprhp4yj1jimlhyyi499d2ba-texlivebin-20230313... texlivebin-20230313 13.5MiB 527KiB/s 00:26 ▕██████████████████▏ 100.0% substitution de /gnu/store/4hr3i6p7g2miwhy9gn64mxp1haix36dq-texlivetexmf-20230313... téléchargement depuis https://ci.guix.gnu.org/nar/lzip/4hr3i6p7g2miwhy9gn64mxp1haix36dq-texlivetexmf-20230313... texlivetexmf-20230313 3.63GiB 360KiB/s 00:17 ▕ ▏ 0.2%^C --8<---------------cut here---------------end--------------->8--- -- Thanks, Maxim ^ permalink raw reply [flat|nested] 5+ messages in thread
* bug#41602: texlive-texmf is actually subtitutable 2020-05-29 15:15 bug#41602: texlive-texmf is actually subtitutable Ludovic Courtès 2020-05-29 18:04 ` Leo Famulari @ 2020-05-30 4:06 ` Bengt Richter 1 sibling, 0 replies; 5+ messages in thread From: Bengt Richter @ 2020-05-30 4:06 UTC (permalink / raw) To: Ludovic Courtès; +Cc: 41602 On +2020-05-29 17:15:40 +0200, Ludovic Courtès wrote: > Strangely, ‘texlive-texmf’ (the big one) is substitutable: > > --8<---------------cut here---------------start------------->8--- > $ guix describe > Generacio 145 May 25 2020 00:37:58 (nuna) > guix 9744cc7 > repository URL: https://git.savannah.gnu.org/git/guix.git > branch: master > commit: 9744cc7b4636fafb772c94adb8f05961b5b39f16 > $ guix environment --ad-hoc texlive -- texdoc biblatex > 2.6 MB will be downloaded: > /gnu/store/7ji4l3szj68b0r5w10bvvdx1vy6nhz5p-subversion-1.10.6 > downloading from https://ci.guix.gnu.org/nar/lzip/7ji4l3szj68b0r5w10bvvdx1vy6nhz5p-subversion-1.10.6 ... > subversion-1.10.6 2.5MiB 7.2MiB/s 00:00 [##################] 100.0% > > La jena derivo estos konstruata: > /gnu/store/55yx02hr0dz47px1aj0j14xll3bsrmml-texlive-texmf-20190410.drv > 2,845.8 MB will be downloaded: > /gnu/store/nm6w84c9zj3yiylal3dk1sqzxq11sjzw-texlive-20190410-texmf.tar.xz > /gnu/store/xpkl70g3bls935h1zdlq7sn2j6rccp3k-texlive-20190410 > downloading from https://ci.guix.gnu.org/nar/lzip/z4xvgiliw5baf1pr4z03c7n2hw3bm5x5-texlive-texmf-20190410 ... > texlive-texmf-20190410 2.61GiB > --8<---------------cut here---------------end--------------->8--- > > The info suggests it won’t be substituted, but it’s eventually > substituted. I wonder why, because the .drv has: > > ("allowSubstitutes","0") > > and the daemon has: > > bool substitutesAllowed(const Derivation & drv) > { > return get(drv.env, "allowSubstitutes", "1") == "1"; > } > > and: > > if (settings.useSubstitutes && substitutesAllowed(drv)) > foreach (PathSet::iterator, i, invalidOutputs) > addWaitee(worker.makeSubstitutionGoal(*i, buildMode == bmRepair)); > > Thoughts? This is the kind of "wonder why" that makes me wonder about trojan horse bug fixes as described in [1], which is a really interesting and scary read, especially since [1] could very conceivably be an example of what it itself is talking about (though they don't sound malicious, so I can hope trusting okular to display it was not giving them a pdf or image parser to exploit with malice). Anyway, please note that the "pdf" file starts with these lines: --8<---------------cut here---------------start------------->8--- # I'm a shell script :-) so please make me executable! # No shebang but I work equally well with Bash, Dash and Zsh # The script embeds link-grammar, a x86-64 ELF so it requires to be run on a x86-64 linux system --8<---------------cut here---------------end--------------->8--- What looks like the beginning of a normal pdf file starts at line 30 counting from 1 as first line. okular will display the original as if it were pdf (bug??) though "file" just sees it as "data." Trim off the first 29 lines and file sees it as pdf, and pdfinfo will find its way too. Idk, you might want at least to cut out the first 29 lines before looking at it with e.g. okular, (which I trustingly used to open the file): note that okular got past the 29-line script part, (which is a bit promiscuous for my taste), and displayed the pdf. It was really interesting, esp the sections around --8<---------------cut here---------------start------------->8--- 3 Deniable Backdoors Using Compiler Bugs by Scott Bauer, Pascal Cuoq, and John Regehr --8<---------------cut here---------------end--------------->8--- Maybe you can view it in a sandbox :) But don't blame me if you don't. YOU WERE WARNED. So read it -- and wonder what might come with a mysterious substitute ;-P [1] https://www.alchemistowl.org/pocorgtfo/pocorgtfo08.pdf > > Ludo’. > > > -- Regards, Bengt Richter ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2024-04-03 2:10 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2020-05-29 15:15 bug#41602: texlive-texmf is actually subtitutable Ludovic Courtès 2020-05-29 18:04 ` Leo Famulari 2020-05-30 14:07 ` Ludovic Courtès 2024-04-03 2:09 ` Maxim Cournoyer 2020-05-30 4:06 ` Bengt Richter
Code repositories for project(s) associated with this public inbox https://git.savannah.gnu.org/cgit/guix.git This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).