From: Ludovic Courtès <ludovic.courtes@inria.fr>
To: Zhu Zihao
Cc: guix-science@gnu.org, guix-devel@gnu.org
Subject: Re: “Building a Secure Software Supply Chain with GNU Guix”
Date: Mon, 18 Jul 2022 10:45:41 +0200
Message-ID: <87k08a4xmy.fsf@inria.fr>
In-Reply-To: <86fsj0nnxy.fsf@163.com> (Zhu Zihao's message of "Sun, 17 Jul 2022 15:54:29 +0800")

Hi,

Zhu Zihao skribis:

> There are still some questions to ask.
> I'm concerned about the safety of the evaluation of channel code. IIRC,
> there's no sandbox for the evaluation of packages in a channel. So it's
> possible to inject some side-effecting code into a channel like
>
> ```
> (define-module (my channel code))
>
> (display "I'm planning to do evil things here!")
>
> (define-public some-package ...)
> (define-public another-package ...)
> ```

Yes.

> We have PGP signatures and the git commit chain to make sure the commits
> are committed by trusted people. But it's still possible for the channel
> owner to inject malicious code into the channel in a future commit, like
> what Marak Squires did in the faker.js project :( or if a committer of
> Guix was attacked by an evil maid.

I’m not aware of the faker.js story, do you have a link?

The model here is that users trust authorized committers. When you think
about it, there’s no way around it, because at the end of the day, you’re
installing software that an authorized committer added to the channel.

To put it differently, side effects in the .scm file as you show above are
just one of the many ways an authorized committer could harm users.

> In Nix flakes, there's pure evaluation to make sure no side-effectful
> code is allowed. But a Guix channel is less restricted than a Nix flake.
> It's an important problem to make sure the evaluation is safe for the
> user.

Yes, I understand. I don’t think that makes a practical difference though:
when you pull from a Guix channel or fetch a Nix flake, that’s because you
want to install software according to what that channel/flake provides.
So whether evil code is in the channel/flake (as Scheme/Nix code) or in
the package(s) themselves makes little difference. Does that make sense?

(Besides, there’s no mechanism for authenticated updates of flakes or of
Nixpkgs, which is the core of the paper.)

Thanks for your feedback!

Ludo’.
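The trust model discussed above (authorized committers, a signed commit chain, and the observation that authentication says who committed, not whether the code is benign) can be made concrete with a small model of the rule that `guix pull` and `guix git authenticate` enforce. The following Python is an added illustration written for this page; it is not code from the thread, from the paper, or from Guix. The rule it models is the one documented in the Guix manual ("Specifying Channel Authorizations"): a commit is authentic if and only if it is signed by a key listed in the `.guix-authorizations` file of each of its parent commits, starting from a trusted channel introduction (a commit id plus the fingerprint expected to have signed it). Two simplifications are assumptions of the example: real Guix verifies OpenPGP signatures against the channel's keyring, whereas here `Commit.signer` stands for the fingerprint that verification would have produced; and the fingerprints, commit ids and the `(my channel code)` module contents are constructed for the demonstration.

```python
# Added illustration, not Guix's code: a model of the channel-authentication
# rule that `guix pull` / `guix git authenticate` enforce.  Rule (Guix manual,
# "Specifying Channel Authorizations"): a commit is authentic iff it is signed
# by a key listed in the .guix-authorizations file of EACH of its parents; the
# walk starts from a trusted "channel introduction" (commit id + fingerprint).
#
# Assumption/simplification: real Guix verifies the OpenPGP signature against
# the channel's keyring.  Here `Commit.signer` stands for the fingerprint that
# such verification would have yielded.
from dataclasses import dataclass, field


@dataclass
class Commit:
    id: str
    parents: tuple             # ids of parent commits, () for the root
    signer: str                # fingerprint of the key that signed this commit
    authorizations: frozenset  # fingerprints in .guix-authorizations at this commit
    files: dict = field(default_factory=dict)  # path -> contents (constructed)


def authenticate(repo, intro_id, intro_signer, target_id):
    """Return the ids of every commit checked on the way from the introduction
    to `target_id`, parents before children.  Raise ValueError as soon as one
    commit fails the rule."""
    intro = repo[intro_id]
    if intro.signer != intro_signer:
        raise ValueError(f"{intro_id}: introduction not signed by {intro_signer}")

    # Commits to check, in topological order (post-order DFS from the target).
    order, seen = [], {intro_id}

    def visit(cid):
        if cid in seen:
            return
        commit = repo[cid]
        if not commit.parents:
            raise ValueError(f"{cid}: does not descend from introduction {intro_id}")
        for parent in commit.parents:
            visit(parent)
        seen.add(cid)
        order.append(cid)

    visit(target_id)

    checked = [intro_id]
    for cid in order:
        commit = repo[cid]
        # Keys allowed to sign this commit: those authorized by ALL parents
        # (for a merge commit, the intersection of the parents' lists).
        allowed = frozenset.intersection(*(repo[p].authorizations for p in commit.parents))
        if commit.signer not in allowed:
            raise ValueError(f"{cid}: signed by {commit.signer}, not authorized by every parent")
        checked.append(cid)
    return checked


def is_authentic(repo, intro_id, intro_signer, target_id):
    """Boolean wrapper around `authenticate`."""
    try:
        authenticate(repo, intro_id, intro_signer, target_id)
        return True
    except ValueError:
        return False


# Constructed fingerprints and history (not real keys or commits).
ALICE, BOB, MALLORY = "FPR-ALICE", "FPR-BOB", "FPR-MALLORY"

EVIL_MODULE = """(define-module (my channel code))
(display "I'm planning to do evil things here!")
(define-public some-package ...)"""

REPO = {c.id: c for c in [
    # c0: channel introduction; Alice is the only authorized committer.
    Commit("c0", (), ALICE, frozenset({ALICE})),
    # c1: Alice adds Bob to .guix-authorizations (signed by Alice: allowed).
    Commit("c1", ("c0",), ALICE, frozenset({ALICE, BOB})),
    # c2: Bob, now authorized, commits a module with a top-level side effect.
    #     Authentication PASSES: it proves provenance, not that the code is safe.
    Commit("c2", ("c1",), BOB, frozenset({ALICE, BOB}),
           {"my/channel/code.scm": EVIL_MODULE}),
    # c3: Mallory tries to authorize herself; c2's list does not contain her.
    Commit("c3", ("c2",), MALLORY, frozenset({ALICE, BOB, MALLORY})),
    # c4: a branch off c0 on which Bob was never added.
    Commit("c4", ("c0",), ALICE, frozenset({ALICE})),
    # c5: merge of c2 and c4 signed by Bob; parent c4 never authorized Bob.
    Commit("c5", ("c2", "c4"), BOB, frozenset({ALICE, BOB})),
]}


if __name__ == "__main__":
    print(authenticate(REPO, "c0", ALICE, "c2"))   # ['c0', 'c1', 'c2']
    for target in ("c3", "c5"):
        print(target, is_authentic(REPO, "c0", ALICE, target))  # both False
```

The instructive case is `c2`: the signature chain is intact and the committer is authorized, so the walk succeeds even though the module runs `display` at load time. That is exactly the distinction drawn in the reply above: channel authentication guards against commits from outside the authorized set (`c3`, and the merge `c5` that only one parent's list permits), not against what an authorized committer chooses to ship. In a real channel, `guix git authenticate COMMIT SIGNER` performs this walk against the repository and its keyring.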