|
From: | Tobias Geerinckx-Rice |
Subject: | bug#37744: Per-user profile directory hijack (CVE-2019-17365 for Nix) |
Date: | Wed, 16 Oct 2019 17:16:47 +0200 |
pelzflorian, pelzflorian (Florian Pelz) 写道:
Why sudo guix pull? It should be without sudo, am I wrong?
Guix on ‘foreign’ distributions uses the root profile for the daemon by default (i.e. in guix-daemon.service).
You could change this to a regular user's profile, but that amounts to giving this user passwordless root access.
Kind regards, T G-R
signature.asc
Description: PGP signature
[Prev in Thread] | Current Thread | [Next in Thread] |