GNU bug report logs - #48923
[PATCH] build: utils: Add ‘call-with-outp


Package: guix-patches; Reported by: Xinglu Chen <public@HIDDEN>; Keywords: patch; dated Tue, 8 Jun 2021 15:42:01 UTC; Maintainer for guix-patches is guix-patches@HIDDEN.

Message received at 48923 <at> debbugs.gnu.org:


To: 48923 <at> debbugs.gnu.org
Subject: Re: [bug#48923] [PATCH v2] activation: Add ‘call-with-output-file*’ procedure.
In-Reply-To: <7500e1ba2d55d397d4c105ca189746f78de02d35.1623176839.git.public@HIDDEN>
References: <23ac66d29119c5395fee0e993ea0fe811beefd91.1623166798.git.public@HIDDEN>
 <7500e1ba2d55d397d4c105ca189746f78de02d35.1623176839.git.public@HIDDEN>
Date: Wed, 04 Aug 2021 10:25:30 +0200
Message-ID: <878s1h4nwl.fsf@HIDDEN>
Cc: Maxime Devos <maximedevos@HIDDEN>

Ping!  :)





Information forwarded to guix-patches@HIDDEN:
bug#48923; Package guix-patches. Full text available.

Message received at 48923 <at> debbugs.gnu.org:


To: 48923 <at> debbugs.gnu.org
Subject: [PATCH v2] activation: Add ‘call-with-output-file*’ procedure.
In-Reply-To: <23ac66d29119c5395fee0e993ea0fe811beefd91.1623166798.git.public@HIDDEN>
References: <23ac66d29119c5395fee0e993ea0fe811beefd91.1623166798.git.public@HIDDEN>
Message-Id: <7500e1ba2d55d397d4c105ca189746f78de02d35.1623176839.git.public@HIDDEN>
Date: Tue, 08 Jun 2021 20:30:13 +0200
Cc: Maxime Devos <maximedevos@HIDDEN>

Using ‘call-with-output-file*’ instead of ‘call-with-output-file’ and ‘chmod’
will prevent secrets from being leaked.  See
<https://issues.guix.gnu.org/48872>.

* guix/build/activation.scm (call-with-output-file*): New procedure.
* doc/guix.texi (Activation): New section; document ‘call-with-output-file*’.
---
Changes since v1:

* Moved ‘call-with-output-file*’ from (gnu build utils) to (gnu build
  activation).

* Added an “Activation” section in the manual to document the new
  procedure.

 doc/guix.texi            | 31 +++++++++++++++++++++++++++++++
 gnu/build/activation.scm | 13 ++++++++++++-
 2 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 59b4ac11b4..643c7ff126 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -321,6 +321,7 @@ System Configuration
 * Invoking guix deploy::        Deploying a system configuration to a remo=
te host.
 * Running Guix in a VM::        How to run Guix System in a virtual machin=
e.
 * Defining Services::           Adding new service definitions.
+* Activation::                  Setting up system-wide files and directori=
es.
=20
 Services
=20
@@ -13386,6 +13387,7 @@ instance to support new system services.
 * Invoking guix deploy::        Deploying a system configuration to a remo=
te host.
 * Running Guix in a VM::        How to run Guix System in a virtual machin=
e.
 * Defining Services::           Adding new service definitions.
+* Activation::                  Setting up system-wide files and directori=
es.
 @end menu
=20
 @node Using the Configuration System
@@ -34633,6 +34635,35 @@ system:
 This service represents PID@tie{}1.
 @end defvr
=20
+@node Activation
+@section Activation
+
+@dfn{Activation} is the process that sets up system-wide files and
+directories so that an @code{operating-system} (@pxref{operating-system
+Reference}) configuration becomes active.  This will happen when
+invoking commands like @command{guix system reconfigure} or
+@command{guix system switch-generation}, but not when invoking
+@command{guix system build} (@pxref{Invoking guix system}).
+
+@deffn {Scheme Procedure} call-with-output-file* @var{file} @var{proc} @
+  [#:perms #o666]
+Open FILE for output, set the file permission bits to @var{perms}, and
+call @code{(PROC port)} with the resulting port.
+
+The advantage of using this procedure compared to something like this
+
+@lisp
+(call-with-output-file "FILE"
+  (lambda (port)
+    (display "top secret" port)))
+(chmod "FILE" #o400)
+@end lisp
+
+is that, with the latter, an unpriviliged user could open @var{file}
+before the permission was changed to @code{#o400}, thus making it
+possible to leak sensitive information.
+@end deffn
+
=20
 @node Documentation
 @chapter Documentation
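Review bot: the @deffn text "Open FILE for output, set the file permission bits to @var{perms}" promises more than open(2) with O_CREAT delivers: the mode is applied only when the file is created, and it is masked by the process umask, so an already existing @var{file} keeps its old bits and a freshly created one with the default #o666 typically ends up 0644, which is not what a caller writing secrets expects. Suggest stating both limits in this section, showing a restrictive mode such as @code{#:perms #o600} in the example, and using @var{file} and @var{proc} consistently instead of the bare FILE and @code{(PROC port)}; also "unpriviliged" should read "unprivileged".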
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm
index 2af1d44b5f..0054079cb6 100644
--- a/gnu/build/activation.scm
+++ b/gnu/build/activation.scm
@@ -6,6 +6,7 @@
 ;;; Copyright =C2=A9 2018 Arun Isaac <arunisaac@HIDDEN>
 ;;; Copyright =C2=A9 2018, 2019 Ricardo Wurmus <rekado@HIDDEN>
 ;;; Copyright =C2=A9 2021 Maxime Devos <maximedevos@HIDDEN>
+;;; Copyright =C2=A9 2021 Xinglu Chen <public@HIDDEN>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
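Review bot: the ChangeLog entry in the commit message names guix/build/activation.scm, but this hunk's file header shows gnu/build/activation.scm; the entry should be corrected to match before the patch is pushed.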
@@ -34,6 +35,7 @@
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-11)
   #:use-module (srfi srfi-26)
+  #:use-module (srfi srfi-60)
   #:export (activate-users+groups
             activate-user-home
             activate-etc
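Review bot: the new `#:use-module (srfi srfi-60)` line exists only to provide bitwise-ior for the single call in call-with-output-file*; Guile's core logior does the same job, so the import can be dropped rather than adding a dependency to a module that runs as root during activation.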
@@ -43,7 +45,8 @@
             activate-firmware
             activate-ptrace-attach
             activate-current-system
-            mkdir-p/perms))
+            mkdir-p/perms
+            call-with-output-file*))
=20
 ;;; Commentary:
 ;;;
@@ -102,6 +105,14 @@ Warning: this is currently suspect to a TOCTTOU race!"
   (chown directory (passwd:uid owner) (passwd:gid owner))
   (chmod directory bits))
=20
+;; Prevent secrets from leaking, see <https://issues.guix.gnu.org/48872>
+(define* (call-with-output-file* file proc #:key (perms #o666))
+  "FILE should be string containg the path to a file, PROC should be a pro=
cedure
+that accepts the port as an argument, and PERMS should be the permission b=
its
+of the file, the default is 666."
+  (let ((port (open file (bitwise-ior O_WRONLY O_CREAT) perms)))
+    (call-with-port port proc)))
+
 (define* (copy-account-skeletons home
                                  #:key
                                  (directory %skeleton-directory)
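Review bot: `(open file (bitwise-ior O_WRONLY O_CREAT) perms)` neither truncates nor refuses an existing file, so the docstring's "PERMS should be the permission bits of the file" holds only on creation: a pre-existing file keeps its old mode (open(2) applies the mode only to files it creates, and masks it with the umask), and without O_TRUNC a secret shorter than the old contents leaves the tail of the old contents in place. Suggest adding O_TRUNC (and O_EXCL where the caller must know the file is new, failing clearly on EEXIST), documenting the umask interaction, and fixing "containg" -> "containing" and "the default is 666" -> "the default is #o666".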

base-commit: 503c2039a280dd52a751a6852b4157fccd1b4195
-- 
2.32.0
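The race described in the commit message and in the new manual section, together with a hardened variant of the procedure, as an added example written for this page rather than code from the Guix patch. It assumes Guile 2.2 or later on a POSIX system; the demo file path under TMPDIR and the helper names write-then-chmod, call-with-output-file*/secure and file-mode are constructed for the illustration.

```scheme
;; Added example, not part of the Guix patch.  Assumes Guile 2.2+ on a
;; POSIX system; the demo file name under TMPDIR is constructed here.
(use-modules (ice-9 textual-ports))   ; get-string-all

(define (file-mode file)
  "Permission bits of FILE as an integer, e.g. #o600."
  (stat:perms (stat file)))

;; The pattern the manual section warns about: FILE exists with the
;; umask-derived mode (usually 0644) until chmod runs.  SPY is called in
;; that window and receives the mode a concurrent reader would see.
(define (write-then-chmod file secret spy)
  (call-with-output-file file
    (lambda (port) (display secret port)))
  (spy (file-mode file))
  (chmod file #o400))

;; Hardened variant of the patch's call-with-output-file*: core logior
;; instead of SRFI-60 bitwise-ior, O_TRUNC so a shorter secret never leaves
;; the tail of an older file behind, optional O_EXCL to refuse an existing
;; file (open(2) applies PERMS only to a file it creates, and masks them
;; with the umask), and the port is closed even if PROC raises.
(define* (call-with-output-file*/secure file proc
                                         #:key (perms #o600) (exclusive? #f))
  (let ((port (open file
                    (logior O_WRONLY O_CREAT O_TRUNC (if exclusive? O_EXCL 0))
                    perms)))
    (dynamic-wind
      (const #t)
      (lambda () (proc port))
      (lambda () (close-port port)))))

(define (demo)
  (let ((file (string-append (or (getenv "TMPDIR") "/tmp")
                             "/call-with-output-file-star-demo")))
    (when (file-exists? file) (delete-file file))

    ;; 1. The racy pattern: observe the mode before chmod narrows it.
    (write-then-chmod file "top secret\n"
                      (lambda (mode)
                        (format #t "mode before chmod: ~o (umask ~o)~%"
                                mode (umask))))

    ;; 2. Exclusive create refuses the leftover 0400 file instead of
    ;;    silently reusing its mode bits and contents.
    (catch 'system-error
      (lambda ()
        (call-with-output-file*/secure file
          (lambda (port) (display "new\n" port))
          #:exclusive? #t)
        (error "expected EEXIST"))
      (lambda args
        (format #t "exclusive open refused existing file: ~a~%"
                (strerror (system-error-errno args)))))

    ;; 3. Fresh create: the mode is right from the first instant, and
    ;;    O_TRUNC guarantees the contents are exactly what PROC wrote.
    (delete-file file)
    (call-with-output-file*/secure file
      (lambda (port) (display "new secret\n" port)))
    (format #t "mode after create: ~o~%" (file-mode file))
    (format #t "contents: ~s~%" (call-with-input-file file get-string-all))
    (delete-file file)))

(demo)
```

Run it with `guile demo.scm`; the first line printed shows the world-readable mode the write-then-chmod pattern exposes, and the last two show that the hardened variant never goes through that state.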






Information forwarded to guix-patches@HIDDEN:
bug#48923; Package guix-patches. Full text available.

Message received at 48923 <at> debbugs.gnu.org:


To: Maxime Devos <maximedevos@HIDDEN>, 48923 <at> debbugs.gnu.org
Subject: Re: [bug#48923] [PATCH] build: utils: Add ‘call-with-outp
In-Reply-To: <38b69976891db7870992091d9eb3aa7aeb20e471.camel@HIDDEN>
References: <23ac66d29119c5395fee0e993ea0fe811beefd91.1623166798.git.public@HIDDEN>
 <a0972b8b687b465ceb341454a6a01a16bf4a444a.camel@HIDDEN>
 <871r9cgsxk.fsf@HIDDEN>
 <38b69976891db7870992091d9eb3aa7aeb20e471.camel@HIDDEN>
Date: Tue, 08 Jun 2021 20:04:57 +0200
Message-ID: <87wnr4fd12.fsf@HIDDEN>

On Tue, Jun 08 2021, Maxime Devos wrote:

>> > > diff --git a/guix/build/utils.scm b/guix/build/utils.scm
>> > > index 419c10195b..df960eee84 100644
>> > > --- a/guix/build/utils.scm
>> > > +++ b/guix/build/utils.scm
>> > > @@ -5,6 +5,7 @@
>> >
>> > Modifying (guix build utils) entails a world-rebuild, as
>> > (guix build utils) is used by the build code of practically
>> > every package. I would suggest placing it in (gnu build activation)
>> > instead.
>>
>> Oh, I didn’t think about that.  Moving it to (gnu build activation)
>> seems like a good option.
>>
>> Should I create a new “Activation” section in the manual, or should I
>> keep it in the “Build Utilities” section?
>
> The procedure isn't available during package building
> (well, (gnu build activation) _could_ be imported in a package definition
> using #:imported-modules & #:modules but it is not supposed to be used like
> that), so ‘Build Utilities’ doesn't seem appropriate, thus I'd suggest creating
> an "Activation" section in the manual.
>
> Maybe under ‘Programming Reference’, or after ‘Defining Services’ in
> the ‘System configuration’ chapter?

OK, sounds good to me!






Information forwarded to guix-patches@HIDDEN:
bug#48923; Package guix-patches. Full text available.

Message received at 48923 <at> debbugs.gnu.org:


Message-ID: <38b69976891db7870992091d9eb3aa7aeb20e471.camel@HIDDEN>
Subject: Re: [bug#48923] [PATCH] build: utils: Add ‘call-with-outp
From: Maxime Devos <maximedevos@HIDDEN>
To: Xinglu Chen <public@HIDDEN>, 48923 <at> debbugs.gnu.org
Date: Tue, 08 Jun 2021 19:45:49 +0200
In-Reply-To: <871r9cgsxk.fsf@HIDDEN>
References: <23ac66d29119c5395fee0e993ea0fe811beefd91.1623166798.git.public@HIDDEN>
 <a0972b8b687b465ceb341454a6a01a16bf4a444a.camel@HIDDEN>
 <871r9cgsxk.fsf@HIDDEN>

Xinglu Chen wrote on Tue 08-06-2021 at 19:36 [+0200]:
> On Tue, Jun 08 2021, Maxime Devos wrote:
>
> > Xinglu Chen wrote on Tue 08-06-2021 at 17:40 [+0200]:
> > > Using ‘call-with-output-file*’ instead of ‘call-with-output-file’ and ‘chmod’
> > > will prevent secrets from being leaked.  See
> > > <https://issues.guix.gnu.org/48872>.
> >
> > This procedure LGTM (but I didn't test).
> > However,
> >
> > > diff --git a/guix/build/utils.scm b/guix/build/utils.scm
> > > index 419c10195b..df960eee84 100644
> > > --- a/guix/build/utils.scm
> > > +++ b/guix/build/utils.scm
> > > @@ -5,6 +5,7 @@
> >
> > Modifying (guix build utils) entails a world-rebuild, as
> > (guix build utils) is used by the build code of practically
> > every package. I would suggest placing it in (gnu build activation)
> > instead.
>
> Oh, I didn’t think about that.  Moving it to (gnu build activation)
> seems like a good option.
>
> Should I create a new “Activation” section in the manual, or should I
> keep it in the “Build Utilities” section?

The procedure isn't available during package building
(well, (gnu build activation) _could_ be imported in a package definition
using #:imported-modules & #:modules but it is not supposed to be used like
that), so ‘Build Utilities’ doesn't seem appropriate, thus I'd suggest creating
an "Activation" section in the manual.

Maybe under ‘Programming Reference’, or after ‘Defining Services’ in
the ‘System configuration’ chapter?

Greetings,
Maxime.






Information forwarded to guix-patches@HIDDEN:
bug#48923; Package guix-patches. Full text available.

Message received at 48923 <at> debbugs.gnu.org:


To: Maxime Devos <maximedevos@HIDDEN>, 48923 <at> debbugs.gnu.org
Subject: Re: [bug#48923] [PATCH] build: utils: Add ‘call-with-outp
In-Reply-To: <a0972b8b687b465ceb341454a6a01a16bf4a444a.camel@HIDDEN>
References: <23ac66d29119c5395fee0e993ea0fe811beefd91.1623166798.git.public@HIDDEN>
 <a0972b8b687b465ceb341454a6a01a16bf4a444a.camel@HIDDEN>
Date: Tue, 08 Jun 2021 19:36:07 +0200
Message-ID: <871r9cgsxk.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha256; protocol="application/pgp-signature"
X-Spam-Score: 2.9 (++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 
 Content preview:  On Tue, Jun 08 2021, Maxime Devos wrote: > Xinglu Chen schreef
    op di 08-06-2021 om 17:40 [+0200]: >> Using ‘call-with-output-file*’
   instead of ‘call-with-output-file’ and ‘chmod’ >> will prevent secrets
    from being leaked. See >> [...] 
 
 Content analysis details:   (2.9 points, 10.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  2.0 PDS_OTHER_BAD_TLD      Untrustworthy TLDs
                             [URI: yoctocell.xyz (xyz)]


On Tue, Jun 08 2021, Maxime Devos wrote:

> Xinglu Chen schreef op di 08-06-2021 om 17:40 [+0200]:
>> Using ‘call-with-output-file*’ instead of ‘call-with-output-file’ and ‘chmod’
>> will prevent secrets from being leaked.  See
>> <https://issues.guix.gnu.org/48872>.
>
> This procedure LGTM (but I didn't test).
> However,
>
>> diff --git a/guix/build/utils.scm b/guix/build/utils.scm
>> index 419c10195b..df960eee84 100644
>> --- a/guix/build/utils.scm
>> +++ b/guix/build/utils.scm
>> @@ -5,6 +5,7 @@
>
> Modifying (guix build utils) entails a world-rebuild, as
> (guix build utils) is used by the build code of practically
> every package. I would suggest placing it in (gnu build activation)
> instead.

Oh, I didn’t think about that.  Moving it to (gnu build activation)
seems like a good option.

Should I create a new “Activation” section in the manual, or should I
keep it in the “Build Utilities” section?






Information forwarded to guix-patches@HIDDEN:
bug#48923; Package guix-patches. Full text available.

Message received at submit <at> debbugs.gnu.org:


Message-ID: <a0972b8b687b465ceb341454a6a01a16bf4a444a.camel@HIDDEN>
Subject: Re: [PATCH] build: utils: Add ‘call-with-outp
From: Maxime Devos <maximedevos@HIDDEN>
To: Xinglu Chen <public@HIDDEN>, guix-patches@HIDDEN
Date: Tue, 08 Jun 2021 18:04:40 +0200
In-Reply-To: <23ac66d29119c5395fee0e993ea0fe811beefd91.1623166798.git.public@HIDDEN>
References: <23ac66d29119c5395fee0e993ea0fe811beefd91.1623166798.git.public@HIDDEN>


Xinglu Chen schreef op di 08-06-2021 om 17:40 [+0200]:
> Using ‘call-with-output-file*’ instead of ‘call-with-output-file’ and ‘chmod’
> will prevent secrets from being leaked.  See
> <https://issues.guix.gnu.org/48872>.

This procedure LGTM (but I didn't test).
However,

> diff --git a/guix/build/utils.scm b/guix/build/utils.scm
> index 419c10195b..df960eee84 100644
> --- a/guix/build/utils.scm
> +++ b/guix/build/utils.scm
> @@ -5,6 +5,7 @@

Modifying (guix build utils) entails a world-rebuild, as
(guix build utils) is used by the build code of practically
every package. I would suggest placing it in (gnu build activation)
instead.

Greetings,
Maxime.






Information forwarded to guix-patches@HIDDEN:
bug#48923; Package guix-patches. Full text available.

Message received at submit <at> debbugs.gnu.org:


From: Xinglu Chen <public@HIDDEN>
To: guix-patches@HIDDEN
Subject: [PATCH] build: utils: Add ‘call-with-outp
Message-Id: <23ac66d29119c5395fee0e993ea0fe811beefd91.1623166798.git.public@HIDDEN>
Date: Tue, 08 Jun 2021 17:40:52 +0200
Cc: Maxime Devos <maximedevos@HIDDEN>

Using ‘call-with-output-file*’ instead of ‘call-with-output-file’ and ‘chmod’
will prevent secrets from being leaked.  See
<https://issues.guix.gnu.org/48872>.

* guix/build/utils.scm (call-with-output-file*): New procedure.
* doc/guix.texi (Build Utilities): Document it.
---
 doc/guix.texi        | 19 +++++++++++++++++++
 guix/build/utils.scm | 10 ++++++++++
 2 files changed, 29 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi
index 59b4ac11b4..7e15cd9e92 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -8612,6 +8612,25 @@ Be careful about using @code{$} to match the end of =
a line; by itself it
 won't match the terminating newline of a line.
 @end deffn
=20
+@deffn {Scheme Procedure} call-with-output-file* @var{file} @var{proc} @
+  [#:perms #o666]
+Open FILE for output, set the file permission bits to @var{perms}, and
+call @code{(PROC port)} with the resulting port.
+
+The advantage of using this procedure compared to something like this
+
+@lisp
+(call-with-output-file "FILE"
+  (lambda (port)
+    (display "top secret" port)))
+(chmod "FILE" #o400)
+@end lisp
+
+is that, with the latter, an unpriviliged user could open @var{file}
+before the permission was changed to @code{#o400}, thus making it
+possible to leak sensitive information.
+@end deffn
+
 @subsection File Search
=20
 @cindex file, searching
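Review bot: the paragraph after the @lisp block misspells "unpriviliged" (should be "unprivileged"), and the deffn text uses bare `FILE` and `(PROC port)` where the surrounding manual entries write `@var{file}` and `@code{(@var{proc} port)}`. The entry also shows only the unsafe pattern, so a reader never sees that `#:perms` is what replaces the trailing `chmod`; suggest adding the safe counterpart right after the @lisp block, e.g. `(call-with-output-file* "FILE" (lambda (port) (display "top secret" port)) #:perms #o400)`, and a sentence noting that the bits actually applied are @var{perms} masked by the process umask.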
diff --git a/guix/build/utils.scm b/guix/build/utils.scm
index 419c10195b..df960eee84 100644
--- a/guix/build/utils.scm
+++ b/guix/build/utils.scm
@@ -5,6 +5,7 @@
 ;;; Copyright =C2=A9 2015, 2018 Mark H Weaver <mhw@HIDDEN>
 ;;; Copyright =C2=A9 2018 Arun Isaac <arunisaac@HIDDEN>
 ;;; Copyright =C2=A9 2018, 2019 Ricardo Wurmus <rekado@HIDDEN>
+;;; Copyright =C2=A9 2021 Xinglu Chen <public@HIDDEN>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -66,6 +67,7 @@
             file-name-predicate
             find-files
             false-if-file-not-found
+            call-with-output-file*
=20
             search-path-as-list
             set-path-environment-variable
@@ -448,6 +450,14 @@ also be included.  If FAIL-ON-ERROR? is true, raise an=
 exception upon error."
           #f
           (apply throw args)))))
=20
+;; Prevent secrets from leaking, see <https://issues.guix.gnu.org/48872>
+(define* (call-with-output-file* file proc #:key (perms #o666))
+  "FILE should be string containg the path to a file, PROC should be a pro=
cedure
+that accepts the port as an argument, and PERMS should be the permission b=
its
+of the file, the default is 666."
+  (let ((port (open file (bitwise-ior O_WRONLY O_CREAT) perms)))
+    (call-with-port port proc)))
+
 
 ;;;
 ;;; Search paths.
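Review bot: `(open file (bitwise-ior O_WRONLY O_CREAT) perms)` applies PERMS only when the file is created; if FILE already exists the mode argument is ignored, so a pre-existing world-readable file stays world-readable, and since O_TRUNC is not set any old bytes beyond the new content survive as well. Either document that the guarantee holds for newly created files only, or add O_EXCL (refuse an existing file) or O_TRUNC together with an explicit `chmod` on the opened port before PROC runs. Two smaller points: `bitwise-ior` is not a core Guile binding (core Guile spells it `logior`; `bitwise-ior` comes from (rnrs arithmetic bitwise) or (srfi srfi-60)), so confirm the module imports it or use `logior`; and the docstring reads "should be string containg" (should be "a string containing") and says "the default is 666" where the code's default is the octal literal `#o666`, further masked by the umask.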

base-commit: 503c2039a280dd52a751a6852b4157fccd1b4195
-- 
2.32.0
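The race the commit message and manual text describe, rendered as an added example in Python rather than Guile, using POSIX `open(2)` the same way the patch's `(open file (bitwise-ior O_WRONLY O_CREAT) perms)` does. This is not code from Guix or from the patch; `create_then_chmod`, `call_with_output_file_star` and `demo` are hypothetical names, the file contents are constructed sample data, and the `exclusive` flag (O_EXCL) is an assumed hardening that the patch does not include. It shows the world-readable window the chmod-after pattern leaves open, the mode a file created with `perms` carries from the start, and the caveat that the creation mode is ignored for a file that already exists.

```python
# Added illustration (not Guix code): creating a file with its final
# permission bits versus creating it and calling chmod afterwards.
import os
import stat
import tempfile
from typing import Callable, Dict

SECRET = b"top secret\n"  # constructed sample content


def mode_of(path: str) -> int:
    """Permission bits of PATH (st_mode without the file-type bits)."""
    return stat.S_IMODE(os.stat(path).st_mode)


def create_then_chmod(path: str, data: bytes, perms: int = 0o400) -> int:
    """The pattern the patch replaces: the file is created with the default
    mode (0o666 masked by the umask) and only restricted afterwards.
    Returns the mode a concurrent reader could observe in between."""
    with open(path, "wb") as f:
        f.write(data)
        window_mode = stat.S_IMODE(os.fstat(f.fileno()).st_mode)
    os.chmod(path, perms)
    return window_mode


def call_with_output_file_star(path: str, proc: Callable, perms: int = 0o666,
                               exclusive: bool = False) -> None:
    """Hypothetical Python rendering of the patch's procedure: O_WRONLY|O_CREAT
    with PERMS as the creation mode, so a *new* file never exists with wider
    bits than perms & ~umask.  exclusive=True adds O_EXCL (an assumed
    hardening, not in the patch) so an existing file is refused instead of
    being silently reused with its old mode."""
    flags = os.O_WRONLY | os.O_CREAT
    if exclusive:
        flags |= os.O_EXCL
    fd = os.open(path, flags, perms)
    with os.fdopen(fd, "wb") as port:
        proc(port)


def demo(umask: int = 0o022) -> Dict[str, object]:
    """Run the scenarios under a fixed umask and report the observed modes."""
    old_umask = os.umask(umask)
    try:
        with tempfile.TemporaryDirectory() as d:
            a = os.path.join(d, "chmod-after")
            window = create_then_chmod(a, SECRET)

            b = os.path.join(d, "mode-at-create")
            call_with_output_file_star(b, lambda p: p.write(SECRET), perms=0o400)

            # Caveat: O_CREAT's mode applies only when the file is created,
            # and without O_TRUNC the old, longer content is not truncated.
            c = os.path.join(d, "pre-existing")
            with open(c, "wb") as f:
                f.write(b"old, longer, world-readable content\n")  # 36 bytes
            call_with_output_file_star(c, lambda p: p.write(SECRET), perms=0o400)

            # With O_EXCL the existing file is refused rather than reused.
            try:
                call_with_output_file_star(c, lambda p: p.write(SECRET),
                                           perms=0o400, exclusive=True)
                refused = False
            except FileExistsError:
                refused = True

            return {
                "window_mode": window,                    # 0o644: readable by others
                "final_mode_chmod": mode_of(a),           # 0o400 only after chmod
                "mode_at_create": mode_of(b),             # 0o400 from the start
                "pre_existing_mode": mode_of(c),          # 0o644: perms ignored
                "pre_existing_size": os.path.getsize(c),  # 36: no O_TRUNC
                "exclusive_refused": refused,             # True with O_EXCL
            }
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    for key, value in demo().items():
        shown = oct(value) if isinstance(value, int) and not isinstance(value, bool) else value
        print(f"{key}: {shown}")
```

The umask is fixed at 0o022 inside `demo` so the numbers are reproducible; with a stricter umask the chmod-after window narrows but never closes, while the create-with-mode path only ever gets narrower than `perms`.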






Acknowledgement sent to Xinglu Chen <public@HIDDEN>:
New bug report received and forwarded. Copy sent to guix-patches@HIDDEN. Full text available.
Report forwarded to guix-patches@HIDDEN:
bug#48923; Package guix-patches. Full text available.
Last modified: Wed, 4 Aug 2021 08:30:02 UTC
