From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id uFJQCXP2aGCsMwEAgWs5BA (envelope-from ) for ; Sun, 04 Apr 2021 01:12:51 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id GIc/A3P2aGBdJQAAbx9fmQ (envelope-from ) for ; Sat, 03 Apr 2021 23:12:51 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 75E6BAA78 for ; Sun, 4 Apr 2021 01:12:50 +0200 (CEST) Received: from localhost ([::1]:54400 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lSpRh-0002tr-Du for larch@yhetil.org; Sat, 03 Apr 2021 19:12:49 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:40750) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lSpRU-0002th-J2 for guix-devel@gnu.org; Sat, 03 Apr 2021 19:12:36 -0400 Received: from mail.zaclys.net ([178.33.93.72]:44277) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lSpRR-0006k2-Eh; Sat, 03 Apr 2021 19:12:36 -0400 Received: from [192.168.1.115] (lsl43-1_migr-78-195-19-20.fbx.proxad.net [78.195.19.20] (may be forged)) (authenticated bits=0) by mail.zaclys.net (8.14.7/8.14.7) with ESMTP id 133NCT0v048423 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sun, 4 Apr 2021 01:12:30 +0200 DMARC-Filter: OpenDMARC Filter v1.3.2 mail.zaclys.net 133NCT0v048423 Authentication-Results: mail.zaclys.net; spf=fail smtp.mailfrom=lle-bout@zaclys.net DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zaclys.net; s=default; t=1617491550; bh=CwVfidnXt0lx/wxClsg5/4Z1YtalbNoXTVhalDas+Ek=; h=Subject:From:To:Cc:Date:In-Reply-To:References:From; b=Y2ojj9Rbcf6Zcx9U9KNFMJQCf3DqJEtJwK3OzJn8GUZIw5Y6AvIvU6K+S/od/QLCf QEuAct7S6I7bSKvkEXGd/8rNQOF0VvhO5ei33EXjuR2p2wLd3AVbP5gOvzeV5TINeN zq6zd1oobAZWFow2zOCEqEpWN67uwzPmrWf3ioJ4= Message-ID: Subject: Re: Secure GNU Guix offloading From: =?ISO-8859-1?Q?L=E9o?= Le Bouter To: Ludovic =?ISO-8859-1?Q?Court=E8s?= Cc: guix-devel@gnu.org Date: Sun, 04 Apr 2021 01:12:19 +0200 In-Reply-To: <87wntphwsb.fsf@gnu.org> References: <08637e6051d17cb890eb051ca8d5518a527bd39b.camel@zaclys.net> <87wntphwsb.fsf@gnu.org> Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-t7szRXOPSWxDuiH5pbph" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Received-SPF: pass client-ip=178.33.93.72; envelope-from=lle-bout@zaclys.net; helo=mail.zaclys.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1617491570; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=CwVfidnXt0lx/wxClsg5/4Z1YtalbNoXTVhalDas+Ek=; b=g5ZLq521rR/Xx/OSm9WXQZxKBj4yDe4gZzGP2Q0fXHwx+1h+WGFkM1vV8zZw4/xf2X9ove J/KZagC8maz6L1P5LODM0ul0Mq2t13hM1Dz+NmBDNgvgFrTwc9ODTNAsI0JIXz3V/VOgus B6sQdNYtikYWeht8Mh62tuUTNWgI7erMYMA/MgWamZzo5n1E7hPAzYkHXlXy9kz0Nk05WE QMfS8fg2A+B+NspMXrZtiFejKKi5TyzstuQPh1rQkGfVsAT9PS53XTnZqSNdL5Tq1fh79+ Tv93P6dnxsZWyCsdj9EX1TvqovYOy/7cOvYmpaLKdGHcWkgSquY0l00om+BzsA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1617491570; a=rsa-sha256; cv=none; b=YULLtHAMIpnV/N9vRD5bI6rci6WtqIj+AKfhI49Y9oM4qNGCzrC2CR8yyZoW/agl05xeO3 LXh17oqI2FQjhEYadf77KmxXdKbP3GJkte/+GXhLsB7WMX3R2vdB96fCbCuB0JBOgb7pvn d1PqRq3p/J4fGqQvnKWNCvNV0HXR4NAvQRSpQdiXKQBiMUAm15oZg6YESFOuuhXij6iPPe CA/rdH415LC38+Y/tVZVm1tJ0sIpQbI+er4FMzxL69S7MV7FMuFCbWL7f6kxsBKHmHzYyq 3kT+1Rn5jNN4a4LSTpgOXA8SD4B6tPXMvvle0vsIQU7Muzm+ILiYBNRS2Pee5g== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=zaclys.net header.s=default header.b=Y2ojj9Rb; dmarc=pass (policy=reject) header.from=zaclys.net; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Migadu-Spam-Score: -5.23 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=zaclys.net header.s=default header.b=Y2ojj9Rb; dmarc=pass (policy=reject) header.from=zaclys.net; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Migadu-Queue-Id: 75E6BAA78 X-Spam-Score: -5.23 X-Migadu-Scanner: scn0.migadu.com X-TUID: zq8iYQZtieEz --=-t7szRXOPSWxDuiH5pbph Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, 2021-03-30 at 10:26 +0200, Ludovic Court=C3=A8s wrote: > Hi! >=20 > L=C3=A9o Le Bouter skribis: >=20 > > I don't want to give more access than what SSH non-root access > > would > > give, and I think it would be possible to do something helpful in > > GNU > > Guix offloading so it can work even without the offload machine > > trusting the client's store public signing key. >=20 > One possibility would be to give SSH access and nothing more. That > would allow hackers to run: >=20 > GUIX_DAEMON_SOCKET=3Dssh://leo.example.org guix build whatever >=20 > Users would still be able to retrieve build results from your machine > via =E2=80=98guix copy=E2=80=99 or an instance of =E2=80=98guix publish= =E2=80=99 running on the > machine. >=20 > HTH! >=20 > Ludo=E2=80=99. Thank you! I did not know setting daemon address over SSH was possible! --=-t7szRXOPSWxDuiH5pbph Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmBo9lMACgkQRaix6GvN EKZLcxAAtnMq5h50EVtEz+wsLEzj7L1dcJNUnM5SVnZNNLEWfecm0VQNzM4JX9eU pKnosSp9FyX+TwOYtq2FAsrOy3eeqsSog5+cuxtB5SpTgfXP/xoqeiNms0zcCosp zU2/hKRhRCuR0MTnA4USJs4VjbyaECcXDAVj6KQBUhApV04qu4vyD6K+b9EWzywm QXx0DkpsIRzxRoZ/Z0gLANB+2kC+EXW0/OFZceesFjen7dgxFGbuzSSPCP89QvNl jmF1AHzQBs9xeKc30ekZLiN+37NLJUUN9n2wWQb0HfQFbsN3VzETN4TR72EHxEvw 0nFrcP0PQjwlZlE8PtSX9z78HZtPE6HLh4kqf60PwXMvNBf55RtBwZRhjzv/68Fi pPcJuFgP+06Zitt4jgZNrrM/W2pI908kBEs+mh7drjluIgAQ4lZPisoZTJR7gTd+ b9k8b/MM4yXEPnIko4Brujx2whCoqILJQnb7E3u0V6eodkNfMyvthVSaNoNUGuDl PY9aeTONSm5JGzM8llR3FJ/0TexizsoxyHR4js5IOZjoTkndv/a88XzFCt6zd66B 5QzCwgrL7fENnbcvbKoNib9GvV7uPv2nt3cXSw8uAUpvtk1SID+K9TJNnwudK60D wE3NuB1b4XXTQaYWC8+GZPB2GL21lpeucCFsC8iPa+kL4/GDQo8= =EFO6 -----END PGP SIGNATURE----- --=-t7szRXOPSWxDuiH5pbph--