bug-guix

bug#73166: shell-autorized-directories


From: Nicolas Graves
Subject: bug#73166: shell-autorized-directories
Date: Tue, 12 Nov 2024 17:49:13 +0100

On 2024-11-12 09:50, Suhail Singh wrote:

> I was under the impression that the build phase in guix is always
> containerized and without network access.  Could you please elaborate on
> this?

Building a package yes, but you can have external commands in a
manifest.scm or guix.scm.  Saku provided an example in an earlier email
of a valid but dangerous manifest:

```scheme
;; Evaluated with the user's privileges when `guix shell` loads the manifest,
;; before anything is built (`system` goes through /bin/sh, so $HOME expands;
;; `system*` would exec "rm -rf $HOME" as a literal program name and fail).
(system "rm -rf $HOME")
(specifications->manifest (list "hello"))
```

We could also have one that downloads malicious code, or uploads private
info; the POC is left as an exercise for the reader ;)

What I was saying is that we could restrain recording `guix shell --allow`
only if the manifest builds properly containerized and without network
access (outside package building I mean), and otherwise refuse to allow
(failing manifest, possibly because it tries to access the network or
files outside the repo) with a warning message, providing the ability to
restrain "automatic loading" to certain "safer" conditions only.

This would in turn mean that (given the same guix revision) we can
always run a `guix shell --allow`-ed manifest using `guix shell --container`,
which actually makes a lot of sense in my use-case.  I don't really know
about other use-cases, but I guess it's the same; even a Scheme
developer would probably want a manifest that doesn't depend on files
outside of his repo or the network.  Saku, do you have an opinion on
this?

The downside is that we would have to basically run `guix shell
--container` (and build all there is to build) before being able to run
`guix shell --allow`.

WDYT?

-- 
Best regards,
Nicolas Graves
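One way to make the "safer conditions only" idea concrete, as an added example that is not part of the thread and not Guix's own code: a syntactic pre-check that reads manifest.scm as data (with `read`, so nothing is evaluated) and accepts it only if every form is built from an allowlist of declarative operators, refusing with a warning otherwise. The allowlist in `%allowed-heads`, the script name `check-manifest.scm` and the exit-status convention are assumptions for illustration. This is a stricter alternative to the container-based dry run proposed above, and it runs before any evaluation, which matters because `guix shell --container` evaluates the manifest on the host, to learn which packages to put in the container, before the container exists.

```scheme
;; Added example (not Guix code): a syntactic pre-check for manifest.scm.
;; The file is read as data with `read`; no form is ever evaluated.  The
;; manifest is accepted only if every form uses an allowlisted operator;
;; anything else (system, system*, getenv, open-input-file, load, eval,
;; http-fetch, ...) is reported with the offending form and refused.
(use-modules (ice-9 match)
             (srfi srfi-1))

;; Operators a purely declarative manifest needs (assumed list; extend
;; deliberately rather than loosening the check).
(define %allowed-heads
  '(use-modules specifications->manifest packages->manifest
    list quote specification->package))

;; Return the list of offending forms found in FORM, empty if it is clean.
(define (check-form form)
  (match form
    ((? string?) '())
    ((? symbol?) '())                        ; a variable reference, e.g. `hello`
    ((? number?) '())
    ((? boolean?) '())
    (('use-modules . _) '())                 ; module specs are data, not code
    (('quote _) '())                         ; quoted data is never evaluated
    (((? symbol? head) . args)
     (if (memq head %allowed-heads)
         (append-map check-form args)        ; recurse into the arguments
         (list form)))                       ; unknown operator: refuse
    (_ (list form))))                        ; vectors, keywords, etc.: refuse

;; Read every top-level form of FILE without evaluating it.
(define (read-forms file)
  (call-with-input-file file
    (lambda (port)
      (let loop ((forms '()))
        (let ((datum (read port)))
          (if (eof-object? datum)
              (reverse forms)
              (loop (cons datum forms))))))))

;; #t when FILE only contains declarative forms; otherwise warn and return #f.
(define (manifest-safe? file)
  (let ((problems (append-map check-form (read-forms file))))
    (for-each (lambda (form)
                (format (current-error-port)
                        "~a: refusing to authorize: non-declarative form ~s~%"
                        file form))
              problems)
    (null? problems)))

;; Usage: guile check-manifest.scm manifest.scm
;; Exit status 0 means "safe to authorize", 1 means "refuse with a warning".
(exit (if (manifest-safe? (cadr (command-line))) 0 1))
```

Against the `rm -rf $HOME` manifest quoted above this reports the `(system ...)` form and exits 1, while `(specifications->manifest (list "hello"))` on its own exits 0. The check is deliberately conservative: `(packages->manifest (list hello))` passes, because `hello` is just a symbol bound by a `use-modules` form, but any call to an operator outside `%allowed-heads`, including a harmless helper, is rejected until it is added to the list by hand. It also says nothing about what the listed packages do once built; it only guarantees that loading the manifest itself has no side effects.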
