[bug#50960] [PATCH 00/10] Add 'guix shell' to subsume 'guix environment'

[pelzflorian (Florian Pelz)]

On Mon, Oct 04, 2021 at 10:22:54AM +0200, Ludovic Courtès wrote:
> "pelzflorian (Florian Pelz)" <pelzflorian@pelzflorian.de> skribis:
> > Let’s say I have downloaded undesirable code to a file
> > /home/florian/Downloads/guix.scm and am hacking on source code in
> > /home/florian/Downloads/something/ where I run `guix shell`, but
> > /home/florian/Downloads/something/ does not in fact contain a
> > guix.scm file.  Now I’d have accidentally run the other guix.scm.
> 
> Sure, but it’s all under your control; it’s not very different from
> someone knowingly running “guix build -f guix.scm” on an untrusted file,
> is it?

What I meant is that I may wrongly expect a guix.scm file in
/home/florian/Downloads/something/, but it is not there, so things go
awry.

`guix shell` loading files by default would mean one would have to pay
attention to what one is doing, unlike `guix environment`.  For
example, not save unrelated (not even malicious) code by the name
guix.scm, and not run guix commands without inspecting what they’d do.
This I don’t like.



> We have the advantage that ‘guix shell’ is a new command, so we can
> document it from the start as behaving this way without arguments.

Many people don’t read manuals.

The probability of an accident is low, but it feels not robust.
I can live with either (and am very happy you and others keep
improving Guix), I just don’t think loading by default is a good idea.

Regards,
Florian