Hello! I'm considering running some software inside a VM created using `guix system vm`. The easiest thing to do would be to run the virtualized software as root. Normally I wouldn't think twice about that, but iiuc the guest will have the host's /store mounted. Am I right that this should make me nervous about running untrusted things as root in the VM? Or is there some trick by which a root process in the VM is prevented from destructively changing /store?
Thanks!
signature.asc
Description: OpenPGP digital signature
