From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bug-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp2.migadu.com ([2001:41d0:303:e224::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms13.migadu.com with LMTPS
	id sG/DEq2zMmedrgAAe85BDQ:P1
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Tue, 12 Nov 2024 01:47:25 +0000
Received: from aspmx1.migadu.com ([2001:41d0:303:e224::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp2.migadu.com with LMTPS
	id sG/DEq2zMmedrgAAe85BDQ
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Tue, 12 Nov 2024 02:47:25 +0100
X-Envelope-To: larch@yhetil.org
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=debbugs.gnu.org header.s=debbugs-gnu-org header.b=pcITxKFn;
	dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20230601 header.b=hUtpxsFN;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1731376045; a=rsa-sha256; cv=none;
	b=uU//bEbcr8fVJv1Caam9QEYR5WWtu33V0L8/5GYvV5GgJJxVbZXz+UiYW//QNXijmFB6b5
	hQuw+mz1KFOUTwLd2GvMqG+atGjDfJnxXAiao3mqVFBKEy2M5loGfVJUGjKmqFEoSLhhjg
	d1NR+JICem8z2jpj4msXjDBSwjkvv7YMBW9HzmgS3kocPi+n8MFcPnGf8b0R842BzoqGCg
	ssuHd78U3nMCvKDdmTHotfZgpKMo4GheocCvTyjHnTMHVsrBaFESkBIQHwrk631jIUP1w0
	TrVBUD5x1xglTVfmVRuoHn2bCwsPo+pf3wQw+c2IvIDUWs5j3TH7bJXvtMIiuA==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=debbugs.gnu.org header.s=debbugs-gnu-org header.b=pcITxKFn;
	dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20230601 header.b=hUtpxsFN;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1731376045;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:resent-cc:resent-from:resent-sender:
	 resent-message-id:in-reply-to:in-reply-to:references:references:
	 list-id:list-help:list-unsubscribe:list-subscribe:list-post:
	 dkim-signature; bh=T9vSMkgQ5FPz4RYC8+v6dUH36YcsozTup09xAjcCnlA=;
	b=Lr2jIeitXc5AamBJYNOBftOFJuXBKn7axWHNDS59xnITV/MASS4UaegvhKl4yd33y0zkkp
	BF/Rwpqp5RreiVM3i8yLFnuxQyc6EiBZT/Ubo2jYoV5sjExHiuxsyvpKTibBF7hAOvbquk
	AXw9J5oGNO+CKUUYUf3O9IsM9pBLTgJlhISsGJu+YHQclP8vGcwUNEFdGjDoxg8qsWnzKz
	FzHYYzHZdPQo/raWMMhnFk29ipH9t/Nl/MFUOKNS8aAp+i6afZvkYkV34lyMEZJgX4RC1P
	+cBMeORJJf/velIp28eb2b0P/vi5c5cOn1OVTfBz9UIyw3+rPlE1BXruCN530w==
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id C112E1D1C1
	for <larch@yhetil.org>; Tue, 12 Nov 2024 02:47:24 +0100 (CET)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-guix-bounces@gnu.org>)
	id 1tAfzm-0003Rv-43; Mon, 11 Nov 2024 20:47:06 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1tAfzj-0003RW-Vu
 for bug-guix@gnu.org; Mon, 11 Nov 2024 20:47:04 -0500
Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1tAfzj-0001UP-NZ
 for bug-guix@gnu.org; Mon, 11 Nov 2024 20:47:03 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=debbugs.gnu.org; s=debbugs-gnu-org; 
 h=MIME-Version:Date:References:In-Reply-To:From:To:Subject;
 bh=T9vSMkgQ5FPz4RYC8+v6dUH36YcsozTup09xAjcCnlA=; 
 b=pcITxKFnpBIBk2lCdG2rcGSkra748Cyi1cukGIeMaUKhM0B7okdfJ7tQuTcGiLY5CypfK5ePCbITIE8fWMZ4S11ZrS2vlhb4pdfyQ4axR+yjiRxq+B/onurpQaSElCqte9w8NCjGhprCHAQPIlk1HAeJ0o/R9V5KnV2NB8l3CHsEUFp7CpugRYgIoq2OQ2LTYMeTkB8B9w6O1PL+AtheuTRp7iNTWBRespYyvGCk4lAqetf0RnrDrOD8NG/RY5eBX546MeQX+FQMqVxM5cHNynm32bu97iK7TLygYnxKwhNXm/SlWPAcf6y0CRoK96z8YCUVsBQV6L5wwa6g77m9mw==;
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1tAfzi-0008RK-HD
 for bug-guix@gnu.org; Mon, 11 Nov 2024 20:47:02 -0500
X-Loop: help-debbugs@gnu.org
Subject: bug#73166: shell-autorized-directories
Resent-From: Suhail Singh <suhailsingh247@gmail.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Tue, 12 Nov 2024 01:47:02 +0000
Resent-Message-ID: <handler.73166.B.173137599332397@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 73166
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: Nicolas Graves <ngraves@ngraves.fr>
Cc: 73166@debbugs.gnu.org, saku@laesvuori.fi, ludo@gnu.org, andrew@trop.in
X-Debbugs-Original-Cc: 73166@debbugs.gnu.org,
 Saku Laesvuori <saku@laesvuori.fi>,
 Saku Laesvuori via Bug reports for GNU Guix <bug-guix@gnu.org>,
 Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>,
 Andrew Tropin <andrew@trop.in>
Received: via spool by submit@debbugs.gnu.org id=B.173137599332397
 (code B ref -1); Tue, 12 Nov 2024 01:47:02 +0000
Received: (at submit) by debbugs.gnu.org; 12 Nov 2024 01:46:33 +0000
Received: from localhost ([127.0.0.1]:59814 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1tAfzE-0008QS-Tn
 for submit@debbugs.gnu.org; Mon, 11 Nov 2024 20:46:33 -0500
Received: from lists.gnu.org ([209.51.188.17]:39270)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <suhailsingh247@gmail.com>) id 1tAfzA-0008QG-5d
 for submit@debbugs.gnu.org; Mon, 11 Nov 2024 20:46:28 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <suhailsingh247@gmail.com>)
 id 1tAfz9-0003QR-Va
 for bug-guix@gnu.org; Mon, 11 Nov 2024 20:46:27 -0500
Received: from mail-qk1-x742.google.com ([2607:f8b0:4864:20::742])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <suhailsingh247@gmail.com>)
 id 1tAfz8-0001Ri-Mj; Mon, 11 Nov 2024 20:46:27 -0500
Received: by mail-qk1-x742.google.com with SMTP id
 af79cd13be357-7b1601e853eso338702685a.2; 
 Mon, 11 Nov 2024 17:46:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1731375982; x=1731980782; darn=gnu.org;
 h=mime-version:user-agent:message-id:date:references:in-reply-to
 :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=T9vSMkgQ5FPz4RYC8+v6dUH36YcsozTup09xAjcCnlA=;
 b=hUtpxsFNLGaHnox0OezBnsPKzkLv8qNZtPlJizdxNFYh/Bqp6XhnAHpapqN2FD0JRO
 lnwkoVRFFJtgbD6ZFXtmMv6b7kcbSTiC84ezTNFIMLGFWR6+lQzHYpkhmj4kxAFkty39
 eClYt44l8lIEHR1xA4bdt3HIHJCOz+0mWQ3u6KxVkepXW1TfuXaDFRHMOybWiwY49hQe
 DulZJzO3ISDqswQXyWoD0LFX/03bsVio4j1K2LEz+94HvciBVD6SDHr6LVgxU6MCCNYS
 NE9G08QUuJEnbrYfi4Q64WzL2wSww1dro6grtRkQlDq6W3kQhc2RyD1/Nxc8ABfuj4hx
 Gy4g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1731375982; x=1731980782;
 h=mime-version:user-agent:message-id:date:references:in-reply-to
 :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date
 :message-id:reply-to;
 bh=T9vSMkgQ5FPz4RYC8+v6dUH36YcsozTup09xAjcCnlA=;
 b=GVU41ow0Nn0eJRSbEVP2FQgiVrv/rN9tNPkPtb9Ao5G/S8pQV29BBsRTyY0KZ74rVl
 dkwxzmXF5ssGKM0pOVd0N2PyLuA/utav86mZp4ongJ6uo1feRHaRJNnqS0ymDyuQA1Bj
 Unsg7StvY77Uof+tjhc+bvIAjBQE2i8klmXvQWD7n4EVHA1L3N00X+eJzrDhuV4YhNMu
 UbyuGcvce51BLUcVSgpxyVbJ5lQFx2YE2dAKSUj18mb8+TWuV19RgvUS1VyPI9I3M1Cl
 3k9W7d5TeRQ/otL7GGCWmvdkpGzWdBn1/5kwsITtm/QeVWZHjpLkCzTbywBReAJxF3K1
 UH9w==
X-Forwarded-Encrypted: i=1;
 AJvYcCUf0KQRI4/PYmCCTmkDjY2WBG3i2Oks6X+h/XFUWF28iSryNKujBLSwsc2Cy5xTCLZ5igZy@gnu.org
X-Gm-Message-State: AOJu0YwN/iyGI3BSlR1PIIl+Scb6wAouw/kEOFk8mNV7FU7/PjYodpEN
 rmnB+Dcskxt61h8WqfIym6/NvOiiaDpqYb1ELlikjxVhm/jqf0kaBh4YbIL6
X-Google-Smtp-Source: AGHT+IGBeihaUqcmLPAKzTxRUp1DP+Hm3exSmKfiZktBLyGwM9dGnAGaKpd7u8a0ID6+YpOduX495Q==
X-Received: by 2002:a05:6214:4411:b0:6cb:ee0b:47ba with SMTP id
 6a1803df08f44-6d39e101bb6mr193478256d6.10.1731375982289; 
 Mon, 11 Nov 2024 17:46:22 -0800 (PST)
Received: from gnus ([174.92.178.190]) by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6d3961dfa0csm66164586d6.14.2024.11.11.17.46.20
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 11 Nov 2024 17:46:21 -0800 (PST)
From: Suhail Singh <suhailsingh247@gmail.com>
In-Reply-To: <ewiboqbunbrh7ko3gztzbit56ijozomz2grgk4mhxuaudsjpcb@zelonmrn54os>
 (Saku Laesvuori via Bug reports for's message of "Mon, 11 Nov 2024
 09:54:22 +0200")
References: <877cbjwxs4.fsf@ngraves.fr> <87cyla7c0f.fsf@gnu.org>
 <87mske8emf.fsf@ngraves.fr> <874j4gpkbn.fsf@ngraves.fr>
 <g7otyh2dfhpfj4qpvrg4mxe3pj3ftk6veajuqsl333pi42mpwm@6ptyp5vttqa2>
 <87bjyn1ga7.fsf@ngraves.fr>
 <ewiboqbunbrh7ko3gztzbit56ijozomz2grgk4mhxuaudsjpcb@zelonmrn54os>
Date: Mon, 11 Nov 2024 20:46:10 -0500
Message-ID: <87ikstteal.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
Received-SPF: pass client-ip=2607:f8b0:4864:20::742;
 envelope-from=suhailsingh247@gmail.com; helo=mail-qk1-x742.google.com
X-Spam_score_int: -17
X-Spam_score: -1.8
X-Spam_bar: -
X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-guix@gnu.org
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org
Sender: bug-guix-bounces+larch=yhetil.org@gnu.org
X-Migadu-Flow: FLOW_IN
X-Migadu-Country: US
X-Migadu-Spam-Score: -1.32
X-Spam-Score: -1.32
X-Migadu-Queue-Id: C112E1D1C1
X-Migadu-Scanner: mx12.migadu.com
X-TUID: GUV6LK1Wx8/i

Saku Laesvuori via Bug reports for GNU Guix <bug-guix@gnu.org> writes:

> Anyway, I am not opposed to this change. The only effects for my use
> cases are positive (nicer UI with the --allow flag). I just want to
> point out that I don't think this makes any attacks significantly
> harder.

FWIW, this summarizes my belief as well.  I do see some improvements in
convenience, but the threat model where this improves security (threat
actor has access to the repository, but the files are such that the
threat actor isn't able to modify their semantics without first
modifying the files) seems contrived.  Am I mistaken?

If not, while I don't have objections to the change (and do believe it
has some value), I do have reservations about claiming security
benefits.

-- 
Suhail