I know this would be massively backward incompatible and it can't be done... but I'd love 'guix shell' to default to '--no-cwd', that's what I want to do 90% of the time.
More than that, regardless of the usage frequency, '--no-cwd' is the safest option and I think it should be the default.
I know... alias etc.
[#]guix
=> More informations about this toot | More toots from fnat@social.coop
@fnat I think >90% of the time I want the current directory in the container, because I'm operating on some files that I care about.
With Guix shell I'm usually using a container to isolate what I'm doing from some system state, though. I almost never use it for security reasons.
=> More informations about this toot | More toots from carlozancanaro@aus.social
@carlozancanaro Hi Carlo, thanks.
That's why I added "regardless of usage frequency". Design choices should be weighted on their security implications, not only usage statistics. Safest should be the default.
Perhaps my use case is a bit niche, but my security/usability senses tingle every time I forget to use '--no-cwd'.
=> More informations about this toot | More toots from fnat@social.coop
@fnat I think it's more about making the defaults match the purpose of the tool. In the manual "(guix) Invoking guix shell" starts: "The purpose of ‘guix shell’ is to make it easy to create one-off software environments, without changing one’s profile. It is typically used to create development environments; it is also a convenient way to run applications without “polluting” your profile."
Later, when discussing the --container option it is first introduced as a tool for isolating from system-wide resources on foreign distros. It then goes on to mention security as a secondary application: "This ‘--container’ option can also prove useful if you wish to run a security-sensitive application, such as a web browser, in an isolated environment."
The primary purpose of the "guix shell" command isn't secure isolation, so it's reasonable for it to default to exposing the files that a user is most likely going to want to use - the working directory. I understand that might not be what you want if you see it as a security tool, but increasing friction for the intended use doesn't seem like the right solution to me.
=> More informations about this toot | More toots from carlozancanaro@aus.social
@carlozancanaro Hey Carlo, thanks for quoting various relevant bits of the manual. I must have formed my personal mental model of the tool and, in turn, that must have given me a slightly-misplaced expectation.
I think I'd have designed things slightly differently but, as you point out, there are historical reasons and common use cases behind the current design.
It's probably a bit of a "you're holding it wrong" problem then! (On my side, I mean.)
Thanks for all the input! 🙏
=> More informations about this toot | More toots from fnat@social.coop
@fnat Ah that’s interesting because I never use ’--no-cwd’ and I am able to count the number of times when I run it. 😀
Well, I think what is missing from Guix is a kind of ~/.guix configuration file. Because it could be nice to be able to set some options. Well, something like Git.
=> More informations about this toot | More toots from zimoun@sciences.re
@zimoun Hey Simon, thanks.
Re the relative usage of default vs '--no-cwd', perhaps it's just that I'm coming from a pretty niche use case. (But my reflex arc tells me the safest option should still be the default.)
Re the init file, that's interesting, I'll think about it.
Plenty of things to talk about at Guix Days! 🙏🚀
=> More informations about this toot | More toots from fnat@social.coop
@fnat For development, I do “cd ~/src/code; guix shell -CP” and in that case, I wouldn’t want to be ‘--no-cwd’.
=> More informations about this toot | More toots from civodul@toot.aquilenet.fr
@civodul Hey Ludo, thanks!
Yes, this is the feedback that I've got from pretty much everyone - which means that I must be looking at this from a bit of a niche angle/use case.
It's easy to add '--no-cwd' or create a personal wrapper, so that's totally fine! Ty!!
=> More informations about this toot | More toots from fnat@social.coop