Suhail Singh <suhailsingh...@gmail.com> skribis: > Ludovic Courtès <l...@gnu.org> writes: > >> I’m not sure how to integrate it though: in the general case, we >> probably want to keep authentication enabled by default, but how to >> allow users to easily disable it when using a personal checkout? > > Could you please elaborate on what the challenge is? > > Is the challenge in inferring when they are using a personal checkout? > Would it be a challenge to have the user provide an option instead? > Said option could either be passed in explicitly every-time, or a > command provided to allow the user to set/unset the option (which would > get stored, say, in .git/config under guix "authentication") and the > code updated to read the preference from there.
The challenge is in determining that Guix is running from a local checkout. Now that I think about it, it’s not that hard: ./pre-inst-env sets ‘GUIX_UNINSTALLED’. So we could do: #:authenticate? (not (getenv "GUIX_UNINSTALLED")) Problem is that an attacker could lead a user to disable authentication by getting them to set this seemingly unrelated environment variable. The ‘.git/config’ option you propose is not available because that all happens with the Guix-managed cached checkout under ~/.cache/guix/checkouts. Maybe a specific environment variable would do? Ludo’.
