GNU bug report logs - #36699
[PATCH 0/4] Strengthen '.guix-channel' file handling

Previous Next

Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Tue, 16 Jul 2019 23:21:01 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Ludovic Courtès <ludo <at> gnu.org>
To: 36699 <at> debbugs.gnu.org
Subject: [bug#36699] [PATCH 4/4] channels: Reject directories with '..' in '.guix-channel' file.
Date: Wed, 17 Jul 2019 01:29:39 +0200

Ludovic Courtès <ludo <at> gnu.org> skribis:

> +  (define (sane-directory directory)
> +    ;; If DIRECTORY contains '..', raise an error; otherwise return it.
> +    (when (member ".." (string-split directory #\/))
> +      (raise (condition
> +              (&message (message "channel sub-directory must not contain '..'"))
> +              (&error-location (location location)))))
> +    directory)

On second thought, it’s probably kind of useless since the only place
where ‘directory’ is used is in the derivation that builds the channel,
which is normally running in a chroot:

  (let* ((subdir #$directory)
         (source (string-append #$source subdir)))
    (compile-files source go (find-files source "\\.scm$"))
    (mkdir-p (dirname scm))
    (symlink (string-append #$source subdir) scm))

So I guess we can drop this patch.  Thoughts?

Ludo’.

This bug report was last modified 5 years and 328 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #36699 [PATCH 0/4] Strengthen '.guix-channel' file handling

GNU bug report logs - #36699
[PATCH 0/4] Strengthen '.guix-channel' file handling