merge 57909 57910 thanks The given example "make authenticate" is insecure, it has a TOCTTOU problem as indicated at : > Moreover, I don't think running 'make authenticate' after 'git pull' > would really work -- after you pulled, git-authenticate could've been > modified, so the verify-commit you did earlier doesn't apply anymore. The solution that was proposed > We can solve it by removing ./pre-inst-env from the command in ‘make > authenticate’. would be undone by the proposed patch. Even then, it remains insecure, as an attacker could have modified the "make authenticate", as explained in more detail at . As such, I think we really shouldn't recommend "make authenticate" (and even remove "make authenticate". In fact, I think we should remove "make authenticate" and replace the instructions with a direct "guix git authenticate ...". As such, I propose that: * you adjust the patch to note that authenticating the checkout is impossible if you don't already have Guix installed (instead of recommending the insecure "make authenticate") * I write a patch removing "make authenticate" and adjusting old uses of "make authenticate" to "guix git authenticate ...". Greetings, Maxime.