Subject: bug#73166: shell-autorized-directories
To: Nicolas Graves
Cc: Ludovic Courtès, 73166@debbugs.gnu.org, Andrew Tropin
From: Saku Laesvuori
Date: Mon, 11 Nov 2024 09:54:22 +0200
In-Reply-To: <87bjyn1ga7.fsf@ngraves.fr>

> > I do agree that it seems more convenient to run `guix shell --allow`
> > than copy a rather long line from the hint and run it to append a line
> > to shell-authorized-directories.
> >
> > Authorizing files instead of directories does not seem that great of an
> > idea to me. I doubt it really improves security that much. For example,
> > all my projects have a .guix/modules/xxx-package.scm file that contains
> > the package definition and guix.scm just loads it from that file.
> > Malicious code could be added here without touching the guix.scm file at
> > all, so the file-based authorization would not notice it.
> >
> > So this would only increase security when guix.scm does not refer to any
> > other files in the untrusted directory. Here it might get quite annoying
> > to re-authorize the directory every time someone changes the version
> > number.
>
> Thanks for your feedback, Saku.
>
> Indeed, it only increases security for revisions of guix.scm and
> manifest.scm, not the repository as a whole. But I think it's the exact
> same problem for tools like direnv (same approach as here) or even
> emacs .dir-locals.el (which checks the last modified time of this file
> IIRC). They can't vouch for the whole repository, but they can
> guarantee that the user explicitly accepted to run a guix.scm or
> manifest.scm (respectively a .envrc or .dir-locals.el) that depends on
> other files in the repo (that was not a guarantee previously, you could
> accept to run a manifest.scm before it depends on files in the repo).

Is it common to source other files from direnv, or do people normally just
set environment variables and run programs from the system PATH? If sourcing
other files is very rare with direnv and very common with guix shell,
comparing the security models is not as useful. I have never used direnv,
so I don't know. Maybe it is also often used to source semi-trusted files.

> I guess there are two use-cases:
> 1) Scheme development with guix.scm loading local changes: Indeed this
> change is not really improving security, but neither is it harmful.

This case is a bit broader than just Scheme, but yes, the change does not
really have an impact here. The projects I referred to are mostly written
in Haskell. I load the package definitions from other files into
guix.scm/manifest.scm just to make the repositories work cleanly as Guix
channels.
> 2) custom manifest.scm in non-Scheme projects (my use-case): Often in
> this case you would only change your manifest.scm, and it indeed
> increases security (the alternative would have been to automatically add
> the -m manifest.scm option, but I'm not feeling secure with this
> alternative).
> More on my use-case: https://lists.sr.ht/~abcdw/rde-devel/patches/54944

Yes, but only slightly, I think. Because loading code from other files is
normal with guix manifests (see above), an attacker would first refactor
the repository into a guix channel to introduce loading from another file
in a non-suspicious way and only after that include the malicious code.

> > Thus it seems that file-based authorization will only catch
> > false-positives. At least I would refactor my repository to a guix
> > channel and load the packages from there with guix.scm to bypass this
> > security mechanism before adding any malicious code.
> >
> > Hashing the entire untrusted directory could work, but I'm not sure
> > whether that would have acceptable performance in larger cases.
>
> Another option could be to add the expected output path of the guix
> shell invocation in the hash? This could be simpler than hashing the
> whole directory.

That would only secure the shell environment, but the manifest could
still contain something like

```scheme
(system* "rm -rf $HOME")
(specifications->manifest (list "hello"))
```

where the environment is safe but loading it causes bad side effects.

> Although I'm not sure this is convenient for either use-case.
> Validation with guix shell --allow for every code change is not
> convenient.

That too. Anyway, I am not opposed to this change. The only effects for my
use cases are positive (nicer UI with the --allow flag). I just want to
point out that I don't think this makes any attacks significantly harder.
- Saku
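The two checks argued over in this thread, modelled as an added example (not Guix's own code): hashing only the file that `guix shell` loads, as proposed for `--allow`, beside hashing the whole directory, as Saku suggested and Nicolas found too expensive. The project layout, the `tree_hash` construction and the edits are constructed for the demonstration; it shows that a change to the loaded module passes the per-file check while a version bump in guix.scm fails it.

```python
# Added example, not Guix code: per-file hash check (the proposed --allow)
# next to a whole-directory hash, on a constructed guix.scm + module layout.
import hashlib
import os
import tempfile

def file_hash(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def tree_hash(root):
    # Hash every file with its relative path in a fixed order (an assumed
    # scheme), so any added, removed or edited file changes the digest.
    h = hashlib.sha256()
    for dirpath, _, names in sorted(os.walk(root)):
        for name in sorted(names):
            full = os.path.join(dirpath, name)
            h.update(os.path.relpath(full, root).encode() + b"\0")
            h.update(bytes.fromhex(file_hash(full)))
    return h.hexdigest()

def make_project():
    # Constructed layout from the thread: guix.scm only loads a module file.
    root = tempfile.mkdtemp()
    module_dir = os.path.join(root, ".guix", "modules")
    os.makedirs(module_dir)
    with open(os.path.join(module_dir, "xxx-package.scm"), "w") as f:
        f.write("(define-public xxx-package ...)\n")
    with open(os.path.join(root, "guix.scm"), "w") as f:
        f.write('(load ".guix/modules/xxx-package.scm")\nxxx-package\n')
    return root

def demo():
    root = make_project()
    guix_scm = os.path.join(root, "guix.scm")
    module = os.path.join(root, ".guix", "modules", "xxx-package.scm")
    allowed_file = file_hash(guix_scm)   # what --allow would record
    allowed_tree = tree_hash(root)       # whole-directory alternative
    # Edit only the loaded module; guix.scm stays byte-identical.
    with open(module, "a") as f:
        f.write(";; new code that guix.scm will load\n")
    file_check = file_hash(guix_scm) == allowed_file   # True: edit unnoticed
    tree_check = tree_hash(root) == allowed_tree       # False: edit noticed
    # Touch guix.scm itself, e.g. a version bump.
    with open(guix_scm, "a") as f:
        f.write(";; version bump\n")
    bump_check = file_hash(guix_scm) == allowed_file   # False: re-authorize
    return file_check, tree_check, bump_check
```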