On 2/10/21 2:51 AM, Christopher Baines wrote:
> I'm not sure you can escape trusting the collection of channels you're using. Because channels are code that's expected to interact, I'm not sure it's easy to target a single package from a specific channel, and expect that this provides some security. A malicious channel could simply reach out and modify the state in modules from a different channel, which would circumvent the protection you're suggesting.
Not that it's necessarily possible to prevent at this moment with the tools available to us, but... is there any case in Guix's normal usage where the modules containing package definitions need to reach out and modify the state in other modules?