Date: Mon, 4 Oct 2021 11:23:17 +0200
From: "pelzflorian (Florian Pelz)"
To: Ludovic Courtès
Cc: 50960@debbugs.gnu.org
Subject: Re: bug#50960: [PATCH 00/10] Add 'guix shell' to subsume 'guix environment'

On Mon, Oct 04, 2021 at 10:22:54AM +0200, Ludovic Courtès wrote:
> "pelzflorian (Florian Pelz)" wrote:
> > Let’s say I have downloaded undesirable code to a file
> > /home/florian/Downloads/guix.scm and am hacking on source code in
> > /home/florian/Downloads/something/ where I run `guix shell`, but
> > /home/florian/Downloads/something/ does not in fact contain a
> > guix.scm file. Now I’d have accidentally run the other guix.scm.
>
> Sure, but it’s all under your control; it’s not very different from
> someone knowingly running “guix build -f guix.scm” on an untrusted file,
> is it?

What I meant is that I may wrongly expect a guix.scm file in
/home/florian/Downloads/something/, but it is not there, so things go
awry.

`guix shell` loading files by default would mean one would have to pay
attention to what one is doing, unlike `guix environment`. For
example, not save unrelated (not even malicious) code by the name
guix.scm, and not run guix commands without inspecting what they’d do.
This I don’t like.

> We have the advantage that ‘guix shell’ is a new command, so we can
> document it from the start as behaving this way without arguments.

Many people don’t read manuals. The probability of an accident is
low, but it feels not robust.

I can live with either (and am very happy you and others keep
improving Guix), I just don’t think loading by default is a good idea.

Regards,
Florian