Subject: bug#22883: Channel introductions
From: zimoun
To: Ludovic Courtès
Cc: 22883@debbugs.gnu.org
Date: Wed, 3 Jun 2020 01:45:13 +0200
In-Reply-To: <87v9kanalz.fsf_-_@gnu.org>

Hi Ludo,

Really cool!  Well, even if I am not clever enough to understand all
that.

On Mon, 1 Jun 2020 at 16:08, Ludovic Courtès wrote:

> I think we need a way to “introduce” a channel to its users that goes
> beyond a mere URL.

Just to be sure I understand correctly, will the good ol'
~/.config/guix/channels.scm

--8<---------------cut here---------------start------------->8---
;; Tell 'guix pull' to use my own repo.
(list (channel
        (name 'guix)
        (url "https://example.org/my-guix.git")
        (branch "super-hacks")))
--8<---------------cut here---------------end--------------->8---

still work as it is now?  I.e., using the current "unauthorized"
mechanism.  Or will a new keyword be added to this channel description
to say "this channel does not use authorized machinery but it is fine"?

>     If that information were stored in ‘.guix-channel’, it would be
>     trivial for an attacker to fork the project (or push a new commit)
>     and pretend the authentication process must not take previous
>     commits into account.

What will happen to recursive '.guix-channel'?  The '.guix-channel' of
channel A contains the reference to the channel B where the
'.guix-channel' contains the reference to the channel C, etc.

>  4. When publishing a fork of a channel, one emits a new channel
>     introduction.  Users switching to the fork have to explicitly allow
>     that new channel via its introduction; flipping the URL won’t be
>     enough because ‘guix pull’ would report unauthorized commits.

I am a bit afraid of this... and I hope that a fork of a channel will
still work without emitting a new channel introduction.

>  5. The channel URL is not included in the introduction.  However, the
>     official URL is an important piece of information: it tells users
>     this is where they’ll get the latest updates.  It should be
>     possible to create mirrors, but by default users should go to the
>     official URL.  They should be aware that mirrors can be outdated.

I do not understand this paragraph.  The aim of mirrors is to let users
avoid going to the official URL, isn't it?  And by design the mirrors do
not have the latest updates (time to propagate, etc.).

>     I think the official URL can be stored in ‘.guix-channel’ in the
>     repo (which is subject to the authentication machinery).  That way,
>     ‘guix pull’ can let the user know if they’re talking to a mirror
>     rather than to the official channel.

Why does it matter?  The user should authenticate the downloaded
content whatever the URL serving it, isn't it?  And can 'guix pull'
already let the users know who they are talking to?

> This verbose interface creates an incentive to create a ‘guix channel’
> command that could make it easier to add a new channel.

Yahoga! :-)

Thank you.

All the best,
simon
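
Added example, not part of the original message and not Guix code: a toy Python model of the quoted point that an introduction stored inside the repository lets a fork skip the earlier history, while one pinned by the user makes 'guix pull' report unauthorized commits. It assumes a linear history and that each commit lists the keys allowed to sign its children; `Commit`, `unauthorized`, `in_repo_intro` and all commit ids and key names are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Commit:
    id: str
    parent: Optional[str]
    signer: str              # key that signed this commit
    authorized: frozenset    # keys allowed to sign this commit's children
    in_repo_intro: Optional[Tuple[str, str]] = None  # intro claimed by the repo itself


def unauthorized(repo, tip, intro):
    """Return the ids of commits from tip back to the introduction that fail."""
    intro_commit, intro_key = intro
    bad, cur = [], repo[tip]
    while cur.id != intro_commit:
        if cur.parent is None:           # walked to the root without meeting it
            return bad + ["<introduction not in history>"]
        parent = repo[cur.parent]
        if cur.signer not in parent.authorized:
            bad.append(cur.id)
        cur = parent
    if cur.signer != intro_key:          # the introductory commit itself
        bad.append(cur.id)
    return bad


# Constructed sample history of the official channel.
OFFICIAL = {c.id: c for c in (
    Commit("c1", None, "ALICE", frozenset({"ALICE"})),
    Commit("c2", "c1", "ALICE", frozenset({"ALICE", "BOB"})),
    Commit("c3", "c2", "BOB", frozenset({"ALICE", "BOB"})),
)}
# A fork adds a commit signed by a key the official channel never authorized
# and ships its own introduction inside the repository.
FORK = dict(OFFICIAL, m1=Commit("m1", "c3", "FORK-KEY", frozenset({"FORK-KEY"}),
                                in_repo_intro=("m1", "FORK-KEY")))
PINNED = ("c1", "ALICE")     # introduction the user obtained out of band

if __name__ == "__main__":
    print("official, pinned intro:", unauthorized(OFFICIAL, "c3", PINNED))
    print("fork, pinned intro:    ", unauthorized(FORK, "m1", PINNED))
    # Trusting the repository's own claim restarts authentication at m1.
    print("fork, in-repo intro:   ", unauthorized(FORK, "m1", FORK["m1"].in_repo_intro))
```

The last call returns the same empty result a user gets after deliberately pinning the fork's introduction; the difference is only who chose it, the user or the repository being checked.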