From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id lBOMFTAoe19BUwAA0tVLHw (envelope-from ) for ; Mon, 05 Oct 2020 14:05:36 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id uETPEDAoe19XBwAAB5/wlQ (envelope-from ) for ; Mon, 05 Oct 2020 14:05:36 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id D03B39402AC for ; Mon, 5 Oct 2020 14:05:35 +0000 (UTC) Received: from localhost ([::1]:44280 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kPR7O-0007Ti-Mo for larch@yhetil.org; Mon, 05 Oct 2020 10:05:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55744) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kPR40-0004KY-Ce for bug-guix@gnu.org; Mon, 05 Oct 2020 10:02:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:38411) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kPR3y-0001Eg-QC for bug-guix@gnu.org; Mon, 05 Oct 2020 10:02:04 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kPR3y-0006w1-O1 for bug-guix@gnu.org; Mon, 05 Oct 2020 10:02:02 -0400 Subject: bug#43770: Geeks think securely: VM per Package (trustless state to devs and their apps) Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-To: bug-guix@gnu.org Resent-Date: Mon, 05 Oct 2020 14:02:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: cc-closed 43770 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: bo0od Mail-Followup-To: 43770@debbugs.gnu.org, ludo@gnu.org, bo0od@riseup.net Received: via spool by 43770-done@debbugs.gnu.org id=D43770.160190647123837 (code D ref 43770); Mon, 05 Oct 2020 14:02:02 +0000 Received: (at 43770-done) by debbugs.gnu.org; 5 Oct 2020 14:01:11 +0000 Received: from localhost ([127.0.0.1]:49956 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kPR38-0006C4-Sp for submit@debbugs.gnu.org; Mon, 05 Oct 2020 10:01:11 -0400 Received: from eggs.gnu.org ([209.51.188.92]:48638) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kPR34-00063E-DL for 43770-done@debbugs.gnu.org; Mon, 05 Oct 2020 10:01:09 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:59185) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kPR2z-00018W-1C; Mon, 05 Oct 2020 10:01:01 -0400 Received: from [2001:660:6102:320:e120:2c8f:8909:cdfe] (port=35332 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1kPR2v-000593-KN; Mon, 05 Oct 2020 10:00:59 -0400 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= References: <0adb9d2b-22e6-412d-4148-fd032d191b6b@riseup.net> <87mu14e7k5.fsf@elephly.net> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 14 =?UTF-8?Q?Vend=C3=A9miaire?= an 229 de la =?UTF-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Mon, 05 Oct 2020 16:00:55 +0200 In-Reply-To: (bo0od@riseup.net's message of "Fri, 2 Oct 2020 22:18:24 +0000") Message-ID: <87zh50wz54.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -3.3 (---) X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 43770-done@debbugs.gnu.org Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Spam-Score: -1.51 X-TUID: Nyyb2k8pu85y Hi, bo0od skribis: > Actually what i wanted to say but seems i missed it, This security > design can be engineered and implemented when Guixsd released based on=20 > GNU-Hurd Kernel. Because its going to be totally new kernel and having > this feature is without question the best security feature for the=20 > future of security within operating systems. > > Otherwise we gonna fall into the same cycle of trust to outside > package developers and their codes without preventive mechanism > against if its malicious one. > > If you mean the bug report is not the place for this request, then i > dont know where because i already discussed it in the IRC channel.(if=20 > there is somewhere else i can report this just tell me) It=E2=80=99s great to share your views of what you think should be done fro= m a security standpoint. There=E2=80=99s little more we contributors can say o= ther than: yes, we agree, we=E2=80=99re working in this direction, and it=E2=80= =99s going to be a long journey. What could help though is if people like you come and join us on that journey. I very much encourage you to play with Guix System and in particular with the =E2=80=9Cchildhurd=E2=80=9D service that has recently l= anded and should be of interest to you. For now I=E2=80=99m closing the bug because as Ricardo wrote, it=E2=80=99s = not a bug report per se. Thank you, Ludo=E2=80=99.