Hi Konrad,
Konrad Hinsen <[email protected]> writes:
> $ guix repl -- content-addressed-mirrors-vuln-check.scm
[...]
> In guix/scripts/perform-download.scm:
> 90:7 11 (_ _)
> In ice-9/sandbox.scm:
> 168:2 10 (eval-in-sandbox (map (lambda (proc) (proc "co…" …)) #) …)
> 97:8 9 (call-with-time-limit _ #<procedure 7ffff1f8bb40 at ic…> …)
> 145:13 8 (call-with-allocation-limit _ #<procedure 7ffff1f99ca0…> …)
> In unknown file:
> 7 (call-with-stack-overflow-handler 1250000 #<procedure …> …)
> 6 (eval (map (lambda (proc) (proc "content-addre…" …)) #) #)
> In ice-9/eval.scm:
> 196:43 5 (_ #f)
> 619:8 4 (_ #f)
> 191:27 3 (_ #f)
> 223:20 2 (proc #<module (#{ g108}#) 7ffff1f1df00>)
> In unknown file:
> 1 (%resolve-variable (7 . mkdir) #<module (#{ g108}#) 7ff…>)
> In ice-9/boot-9.scm:
> 1685:16 0 (raise-exception _ #:continuable? _)
>
> ice-9/boot-9.scm:1685:16: In procedure raise-exception:
> error: mkdir: unbound variable
> builder for
> `/gnu/store/wk1wmpjldxpdjb53r827f6nk5j8y8awg-content-addressed-mirrors-vuln-check.drv'
> failed with exit code 1
> content-addressed-mirrors can evaluate arbitrary code, guix-daemon is
> VULNERABLE
No, it actually shows that the fix is in place: above we see the code
evaluated in a “sandbox” (isolated environment) where ‘mkdir’ is
unavailable.
Most likely, the witness /tmp/content-addressed-mirrors-vulnerable was
already present when you ran the test.
Could you try re-running it after doing
“rmdir /tmp/content-addressed-mirrors-vulnerable”?
HTH,
Ludo’.
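To make the point about the sandbox and the stale witness concrete, here is an added Guile example (not code from the thread or from Guix itself) of a check that evaluates a probe form with Guile's (ice-9 sandbox) and reads the verdict from a witness path; the witness path and the probe are assumptions modelled on the names in the message above, and the witness is cleared before the run so a leftover directory cannot yield a false "VULNERABLE" result.

```scheme
(use-modules (ice-9 sandbox))

;; Assumed witness path, matching the one mentioned in the thread.
(define witness "/tmp/content-addressed-mirrors-vulnerable")

;; Hypothetical probe: a form that creates the witness directory if it
;; is evaluated with access to the full (guile) module.  Inside the
;; sandbox, with only pure bindings, 'mkdir' is simply unbound.
(define probe `(mkdir ,witness))

(define (run-probe-in-sandbox)
  ;; Returns 'evaluated if the probe ran to completion, or a pair
  ;; ('blocked . KEY) when the sandbox raised an exception (for this
  ;; probe the key is 'unbound-variable, as in the backtrace above).
  (catch #t
    (lambda ()
      (eval-in-sandbox probe
                       #:bindings all-pure-bindings
                       #:time-limit 1
                       #:allocation-limit 10000000)
      'evaluated)
    (lambda (key . args)
      (cons 'blocked key))))

(define (vulnerable?)
  ;; Remove a stale witness first: the verdict below is "does the witness
  ;; exist after the run", so a directory left over from an earlier run
  ;; would otherwise be reported as a vulnerability.
  (when (file-exists? witness)
    (rmdir witness))
  (let ((result (run-probe-in-sandbox)))
    (format #t "sandbox result: ~s~%" result)
    (file-exists? witness)))

(if (vulnerable?)
    (format #t "sandbox did NOT contain the probe: VULNERABLE~%")
    (format #t "probe was contained by the sandbox: fix is in place~%"))
```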