Hi,

On Thu, 07 Sep 2023 at 19:45, wolf <w...@wolfsden.cz> wrote:
>> The Makefile does not run ‘guix git authenticate’ using ./pre-inst-env.
>> And that’s probably to ensure the source of trust. If one corrupts the
>> commit that is built, then ’make authenticate’ would authenticate the
>> corruption because it would run the corrupted newly built guix command.
>> Currently, ’make authenticate’ runs one guix command that had already
>> been authenticated. Well, that’s my understanding.
>
> Hmm, but the recipe for the authenticate rule comes from the (possibly)
> compromised source, no? So the attacker can just modify the recipe instead of
> the command doing the authentication. Am I missing something?

Yes, the corruption of Makefile.am can be the corruption I was talking about.
Well, for more explanations one can maybe read:

        [bug#57909] bug#57910: [PATCH] Add link to 'pre-inst-env' from 'installing from git' docs
        Ludovic Courtès <l...@gnu.org>
        Sat, 24 Sep 2022 17:58:29 +0200
        id:87k05s7oii.fsf...@gnu.org
        https://issues.guix.gnu.org//57910
        https://issues.guix.gnu.org/msgid/87k05s7oii.fsf...@gnu.org
        https://yhetil.org/guix/87k05s7oii.fsf...@gnu.org

        [bug#57909] bug#57910: [PATCH] Add link to 'pre-inst-env' from 'installing from git' docs
        Maxime Devos <maximede...@telenet.be>
        Sat, 24 Sep 2022 18:23:10 +0200
        id:ec49e6c2-a542-7d95-0d73-10b2816c5...@telenet.be
        https://issues.guix.gnu.org//57910
        https://issues.guix.gnu.org/msgid/ec49e6c2-a542-7d95-0d73-10b2816c5...@telenet.be
        https://yhetil.org/guix/ec49e6c2-a542-7d95-0d73-10b2816c5...@telenet.be

Cheers,
simon