Ludovic Courtès schreef op ma 04-10-2021 om 10:34 [+0200]: > Hello! > > Vagrant Cascadian skribis: > > > On 2021-10-02, Ludovic Courtès wrote: > > [...] > > > > 2. ‘guix shell’, without arguments, loads ‘guix.scm’ or ‘manifest.scm’ > > > from the current directory or one of its ancestors. > > > > This sounds a little scary to me, just implicitly importing whatever > > happens to be lying around doesn't sound very guixy... > > Right, it would be the first command that does that. > > I became quite convinced that conventions and, thus, implicit arguments > can occasionally improve usability. We use tools that operate this way > daily: ‘make’, ‘git’, etc. Dave nicely argued about it: 'git' doesn't run binaries in the repository, unless configured otherwise (in .git/config I think). ‘make’ and ‘bundle’ are verbs and are for building source code, which needs to be checked for backdoors anyway, so those programs implicitely reading code from the current directory seems acceptable. "guix sh" seems to be useful outside software development. E.g. I sometimes do "guix environment --pure --ad-hoc minetest various-minetest-mods-... -- minetest", which would become "guix shell --pure minetest various-minetest-mods-... -- minetest". I could very easily accidentally press the enter key after typing "shell" (I write from personal experience), and this could easily happen from within, say, a ~/Downloads directory with an untrusted guix.scm (e.g. downloaded from some rando's site to look at later). Conventions are nice, but loading arbitrary code from the current directory by default is an exploit waiting to happen. This situation seem like including "." in PATH by default to me. Greetings, Maxime