[bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL.

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL.

From:	Attila Lendvai
Subject:	[bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL.
Date:	Tue, 01 Mar 2022 13:04:40 +0000

> In general, I think such capabilities should be added to exec-command,
> rather than resorting to a lambda. It takes a little while to realize
> that call-in-fork, fork-and-call or whatever you want to name it is in
> fact not pure evil; mainly because shepherd could in its stead already
> invoke any lambda you throw at it. That being said, one should always
> be aware that this child process runs with the full permissions of
> shepherd, which you normally don't want to do for a service.


does the above mean that you're concerned about the security implications? if
so, then i don't understand, because Guile already allows calling/accessing
private functions/symbols, and thus this change doesn't really increase the
(already enormous) attack surface in the guile codebase.

it does increase the shoot-oneself-in-the-foot-surface a little bit, though.

it's worth pointing out, though, that trusting a channel, and adding a shepherd
service defined by it to the machine's config, is essentially giving root access
to the channel author. and this is already the case, prior to my change.

BTW, can i not already simply pass 0, or "root" as #:user to EXEC-COMMAND?


> In my opinion, it ought to be
>
> > +(define* (fork+apply proc . args)
> [...]
>
> WDYT?


makes sense, i'll update the patch... but given the feedback from the two of
you, should i?

i think i'll abandon this, and implement Maxime's #:rlimits suggestion.

i'm not sure how much better that will be, but at least it won't make future
threading harder, and allows me to make progress with my project.

if anyone prefers the FORK+APPLY version, then do speak up!

--
• attila lendvai
• PGP: 963F 5D5F 45C7 DFCD 0A39
--
“An atheist doesn't have to be someone who thinks he has a proof that there 
can't be a god. He only has to be someone who believes that the evidence on the 
God question is at a similar level to the evidence on the werewolf question.”
        — John McCarthy (1927–2011), father of Lisp

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#54205] [PATCH Shepherd] Factor out a public CALL-IN-FORK., Attila Lendvai, 2022/03/01
- [bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL., Attila Lendvai, 2022/03/01
  - [bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL., Liliana Marie Prikler, 2022/03/01
    - [bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL., Attila Lendvai <=
    - [bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL., Liliana Marie Prikler, 2022/03/01
    - [bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL., Christine Lemmer-Webber, 2022/03/01
- [bug#54205] [PATCH Shepherd] Factor out a public CALL-IN-FORK., Maxime Devos, 2022/03/01
  - [bug#54205] [PATCH Shepherd] Factor out a public CALL-IN-FORK., Ludovic Courtès, 2022/03/02
    - [bug#54205] [PATCH Shepherd] Factor out a public CALL-IN-FORK., Maxime Devos, 2022/03/02
    - [bug#54205] [PATCH Shepherd] Factor out a public CALL-IN-FORK., Attila Lendvai, 2022/03/03
    - bug#54205: [PATCH Shepherd] Factor out a public CALL-IN-FORK., Ludovic Courtès, 2022/03/21

Prev by Date: [bug#54205] [PATCH Shepherd] Factor out a public CALL-IN-FORK.
Next by Date: [bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL.
Previous by thread: [bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL.
Next by thread: [bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL.
Index(es):
- Date
- Thread