[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#51833: (No Subject)

From: Jacob Hrbek
Subject: bug#51833: (No Subject)
Date: Sun, 14 Nov 2021 09:49:48 +0000

Discussed on IRC/Matrix https://matrix.to/#/!sHzxAiaYPGfEPSGCzf:libera.chat/$TNunZ_vCWYxNGw-XDyCgKyKobccakb2A9noppM8kkTo?via=libera.chat&via=matrix.org&via=tchncs.de concluded to not be a security issue.

My concern was malicious user caching a malicious derivation trying to force root user to invoke it to unleash the payload, but that is not possible due to the use of GPG with the guix repo to prevent injection of malicious DNS server through DHCP.

-- Jacob "Kreyren" Hrbek

Sent with ProtonMail Secure Email.

Attachment: publickey - kreyren@rixotstudio.cz - 0x1677DB82.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]