From: ng0@n0.is
To: guix-devel@gnu.org
Subject: Re: [RFC] A simple draft for channels
Date: Wed, 24 Jan 2018 12:33:03 +0000 [thread overview]
Message-ID: <87607rzbb4.fsf@abyayala.i-did-not-set--mail-host-address--so-tickle-me> (raw)
In-Reply-To: <86po5zx12t.fsf@gmail.com> (myglc2@gmail.com's message of "Wed, 24 Jan 2018 00:44:42 -0500")
myglc2@gmail.com:
> On 01/23/2018 at 16:50 ng0@n0.is writes:
>
>> myglc2 writes:
>>> On 01/19/2018 at 14:41 Ludovic Courtès writes:
>>>
>>>> Hi!
>>>>
>>>> Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> skribis:
>>>>
>>>>> As a first implementation of channels I’d just like to have a channel
>>>>> description file that records at least the following things:
>> […]
>>>> One thing that’s still an open question is how we should treat Guix
>>>> itself in that channelized world.
>>>>
>>>> Should Guix be a “normal” channel? It’s tempting to think of it as a
>>>> regular channel; however, it’s definitely “special” in that it can
>>>> update the ‘guix’ command, maybe guix-daemon & co., locale data, etc.
>>>> How does that affect ‘guix channel’?
>>>
>>> ISTM this design allows channels to inject non-free &/or non-safe
>>> components into other user's Guix systems. Is that true?
>>>
>>> If so, how will it impact the Guix promise of software freedom/safety?
>>>
>>> WDYT? - George
>>
>> Just commenting on this one for now until I got my mail fixed:
>>
>> Why is this a problem? Already today you can run Guix with as many
>> modifications as you like to, and you are free to install whatever you
>> want. That's one of the very good aspects of Guix - you can use it to
>> create whatever you like. Or maybe you need to expand a bit on the
>> sentences you wrote George.
>
> Yes, and this is important to the current user base. But in the future
> the majority of our users will be end-users that do not directly use FSF
> freedoms & Guix hackability. Still, they will choose Guix because this
> freedom and hackability provides indirect benefits such as enhanced
> security and safety.
>
> Yes, FSF freedom means we must permit any user to shoot themselves in
> the foot. But with GUIX_PACKAGE_PATH, this is not a worry.
>
> Channels dramatically increases the ease with which an end-user can harm
> themselves by e.g. using a channel that delivers non-free &/or non-safe
> software. This raises the question: are we obliged to, and if so, how do
> we help end-users protect themselves from this risk?
In my honest opinion: No. We can not prevent this. All we can do
is to provide a list of *official* channels. Beyond that I don't
think we should try to regulate what's in an unofficial channel
and what's allowed.
It would be waste of time better spent in other parts of the
project.
--
ng0 :: https://ea.n0.is
A88C8ADD129828D7EAC02E52E22F9BBFEE348588 :: https://ea.n0.is/keys/
next prev parent reply other threads:[~2018-01-24 12:33 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-19 8:24 [RFC] A simple draft for channels Ricardo Wurmus
2018-01-19 8:55 ` Jelle Licht
2018-01-19 11:30 ` Pjotr Prins
2018-01-19 13:41 ` Ludovic Courtès
2018-01-19 13:56 ` Pjotr Prins
2018-01-23 6:38 ` Ricardo Wurmus
2018-01-23 8:54 ` Pjotr Prins
2018-01-23 23:01 ` Carlo Zancanaro
2018-01-23 16:03 ` myglc2
2018-01-23 16:50 ` ng0
2018-01-24 5:44 ` myglc2
2018-01-24 12:33 ` ng0 [this message]
2018-01-24 15:04 ` Konrad Hinsen
2018-01-23 20:39 ` Ricardo Wurmus
2018-01-23 20:37 ` Ricardo Wurmus
2018-01-24 12:01 ` Pjotr Prins
2018-01-20 5:45 ` 宋文武
2018-01-24 14:08 ` Ludovic Courtès
2018-01-24 17:55 ` myglc2
2018-01-24 18:20 ` Ricardo Wurmus
2018-01-26 17:23 ` myglc2
2018-01-26 18:53 ` Oleg Pykhalov
2018-03-19 12:46 ` ng0
2018-01-27 12:10 ` Chris Marusich
2018-03-19 12:04 ` [Orchestration][RFC] " Pjotr Prins
2018-03-19 12:36 ` ng0
2018-03-19 18:21 ` myglc2
2018-03-19 18:31 ` Pjotr Prins
2018-03-19 20:18 ` myglc2
2018-03-19 20:29 ` Pjotr Prins
2018-03-20 7:02 ` Pjotr Prins
2018-03-20 10:41 ` Ricardo Wurmus
2018-03-20 13:10 ` Pjotr Prins
2018-03-20 13:41 ` Ricardo Wurmus
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87607rzbb4.fsf@abyayala.i-did-not-set--mail-host-address--so-tickle-me \
--to=ng0@n0.is \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).