IRC channel logs

2024-04-04.log

back to list of logs

<remyd1>Hi there, I am looking at the documentation https://guix.gnu.org/manual/en/html_node/Security-Updates.html#Security-Updates
<remyd1>Is `guix lint -c cve` scanning all the user profiles when launched as root ?
<civodul>remyd1: hi! no, it only looks at the packages specified on the command line, regardless of whether they’re installed on your system or not
<civodul>there’s a plan to do what you describe but it’s not there yet
<remyd1>Ok; so let's say a bad user on a cluster want to use a non patched version of OpenSSH it is still possible ?
<civodul>it is possible, but the admin gets to decide which sshd listens on port 22
<civodul>(it is possible regardless of Guix: users can always build things by hand in their home dir)
<remyd1>civodul, thanks; I see
<remyd1>And what about upgrades with guix pull && guix upgrade ? Running at root should only upgrade root's packages ? Am I right ?
<civodul>yes
<remyd1>Ok ok
<remyd1>thanks civodul