From: Konrad Hinsen <konrad.hinsen@fastmail.net>
To: Andy Wingo <wingo@igalia.com>
Cc: guix-devel@gnu.org
Subject: Re: Profiles/manifests-related command line interface enhancements
Date: Tue, 12 Nov 2019 21:07:07 +0100 [thread overview]
Message-ID: <m1r22cc104.fsf@khs-macbook.home> (raw)
In-Reply-To: <87ftit324g.fsf@igalia.com>
Hi Andy,
> I wrote this for that purpose:
>
> https://www.gnu.org/software/guile/manual/html_node/Sandboxed-Evaluation.html
Right, I had found this when searching for something. It seems to solve
a couple of problems that I don't quite understand, but not so much
those I do (file/network access). Would be nice to see this extended.
> In practice Guix's "containerized" build jobs are much more effective
> than in-language barriers.
Indeed, but if Guix is compromised by malware, the build jobs may build
code that has already been tampered with.
Maybe one could have config and manifest files interpreted by the build
daemon for safety. Except that some manifest files (read: mine) need
read access to the file system.
Cheers,
Konrad.
next prev parent reply other threads:[~2019-11-12 20:07 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-23 16:37 Profiles/manifests-related command line interface enhancements Pierre Neidhardt
2019-10-24 9:00 ` Mark H Weaver
2019-10-24 9:32 ` Pierre Neidhardt
2019-10-24 16:28 ` Pierre Neidhardt
2019-10-24 16:42 ` Danny Milosavljevic
2019-10-24 18:16 ` Pierre Neidhardt
2019-10-24 19:23 ` Mark H Weaver
2019-10-24 20:04 ` Pierre Neidhardt
2019-10-24 21:35 ` Mark H Weaver
2019-10-25 9:29 ` Pierre Neidhardt
2019-10-31 11:38 ` Pierre Neidhardt
2019-11-03 14:18 ` Ludovic Courtès
2019-11-04 10:39 ` Pierre Neidhardt
2019-11-04 11:06 ` zimoun
2019-11-05 6:26 ` Konrad Hinsen
2019-11-05 8:35 ` Hartmut Goebel
2019-11-05 9:03 ` Konrad Hinsen
2019-11-05 9:09 ` Hartmut Goebel
2019-11-05 9:22 ` Pierre Neidhardt
2019-11-05 15:36 ` zimoun
2019-11-05 16:05 ` Konrad Hinsen
2019-11-06 12:09 ` zimoun
2019-11-07 13:07 ` Konrad Hinsen
2019-11-06 17:07 ` Ludovic Courtès
2019-11-06 22:21 ` Bengt Richter
2019-11-07 13:52 ` Konrad Hinsen
2019-11-06 16:35 ` Ludovic Courtès
2019-11-07 7:46 ` Konrad Hinsen
2019-11-07 9:04 ` Pierre Neidhardt
2019-11-07 11:14 ` Konrad Hinsen
2019-11-07 11:36 ` Pierre Neidhardt
2019-11-09 17:59 ` Ludovic Courtès
2019-11-10 9:36 ` Konrad Hinsen
2019-11-11 15:56 ` A better XML, config is code (was Re: Profiles/manifests-related command line...) Giovanni Biscuolo
2019-11-13 15:28 ` Konrad Hinsen
2019-11-12 8:55 ` Profiles/manifests-related command line interface enhancements Andy Wingo
2019-11-12 20:07 ` Konrad Hinsen [this message]
2019-11-13 20:58 ` Bengt Richter
2019-11-16 22:02 ` Ludovic Courtès
2019-11-17 10:44 ` Konrad Hinsen
2019-11-18 14:25 ` zimoun
2019-11-19 10:24 ` Konrad Hinsen
2019-11-23 17:10 ` Ludovic Courtès
2019-11-25 11:06 ` Konrad Hinsen
2019-11-26 9:51 ` On DSLs Ludovic Courtès
2019-12-02 19:05 ` zimoun
2019-12-02 19:11 ` Julien Lepiller
2019-12-03 10:19 ` Konrad Hinsen
2019-12-03 14:12 ` Ricardo Wurmus
2019-12-03 15:46 ` zimoun
2019-12-04 6:33 ` Bengt Richter
2019-12-10 16:26 ` Ludovic Courtès
2019-12-08 8:48 ` Konrad Hinsen
2019-12-03 10:26 ` Konrad Hinsen
2019-12-03 12:00 ` zimoun
2019-11-11 14:13 ` Profiles/manifests-related command line interface enhancements Hartmut Goebel
2019-11-16 22:27 ` Ludovic Courtès
2019-11-17 11:30 ` Konrad Hinsen
2019-11-18 14:40 ` zimoun
2019-12-22 19:40 ` Andreas Enge
2019-12-22 20:39 ` Pjotr Prins
2019-11-18 14:15 ` zimoun
2019-11-26 9:36 ` Ludovic Courtès
2019-11-06 16:42 ` Ludovic Courtès
2019-11-07 12:57 ` zimoun
2019-11-17 10:35 ` Package inputs in manifests Ludovic Courtès
2019-11-17 23:11 ` Bengt Richter
2019-11-18 17:14 ` zimoun
2019-11-23 14:05 ` Ludovic Courtès
2019-11-24 5:49 ` Bengt Richter
2019-11-24 7:17 ` Timothy Sample
2019-11-25 3:42 ` Bengt Richter
2019-11-18 16:18 ` zimoun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1r22cc104.fsf@khs-macbook.home \
--to=konrad.hinsen@fastmail.net \
--cc=guix-devel@gnu.org \
--cc=wingo@igalia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.