<mekeor[m]>rekado: could any channel author write (system* "rm" -rf" "/") in a scheme-file.scm and destroy the server? hmm is there any nice scheme-way to only eval package-declarations or so? or do i should i e.g. run a docker container containing a guix system with a hpcguix-web service for each channel?
<civodul>mekeor[m]: yes, the assumption is that the channel itself is trusted code