bug#42996: icecat can escape from `guix environment --container`
From: Leo Famulari
Subject: bug#42996: icecat can escape from `guix environment --container`
Date: Sun, 23 Aug 2020 12:55:05 -0400

I believe that this is expected given the specification of `guix
environment`, which is its chapter in the manual. [0]

It says, "For containers, the default behavior is to share the current
working directory with the isolated container and immediately change to
that directory within the container. If this is undesirable, --no-cwd
will cause the current working directory to not be automatically shared
and will change to the user’s home directory within the container
instead."

For this command, the word "share" means that the shared directories
will be read-write.

Did you use the --no-cwd option? If not, were you able to access any
files outside of the current working directory of the `guix environment
...` command invocation?

[0] https://guix.gnu.org/manual/en/html_node/Invoking-guix-environment.html#Invoking-guix-environment