On Fri, 13 Jun 2014 18:54:53 +0200 Eelco Dolstra <[email protected]> wrote:
> > The path-rewriting proposal is a very bad idea and will cause a lot of > > breakage. For many/enough applications rewriting will not work at all, > > because they might encode paths in data structures or be using a > > non-UTF8 multi-byte encoding. > > Packages that store paths in UTF-16 don't work with Nix anyway, independent > from > hash rewriting, because Nix finds runtime dependencies by scanning for plain > ASCII hashes. To my knowledge we've never encountered such a package in > Nixpkgs. > > This paper has a small evaluation of hash rewriting: > http://nixos.org/~eelco/pubs/secsharing-ase2005-final.pdf (section 6.1) We certainly have. As said, Haskell works that way: while hardcoded paths are commonly stored in UTF-8, serialized text is more likely in UTF-16, because that's the internal format of the Text type. Also continuous path strings are very uncommon, because we use platform-independent combinators to construct paths. Nix' dependency scanning still works most of the time, because paths to other Haskell packages are stored at least in a GHC registration file as continuous strings. It could fail for other requisites like data files from non-Haskell packages. For example the CA certificates are stored in their own derivation. If not half of the system would depend on that derivation, it would most likely be GCed away and Haskell programs would be unable to find them. Rewriting is even worse, because now you are interpreting a structurally rich file as a mere byte-string and then changing things based on vague assumptions. This is dangerous, in particular for ELF files, which are in fact Turing-complete (ELF itself, not the code it contains). Just as a theoretical point consider that the question whether your rewriting algorithm is correct is undecidable in general. More practically you would break half of Hackage. The breakage would range from being as gentle as a Haskell program failing to find certificate files to as severe as a Haskell plugin-based web application (like clckwrks) fatal-error-crashing. As a Haskell developer I must warn you about rewriting. This /will/ cause trouble at least for Haskell. Even the current dependency scanning mechanism is a ticking time bomb for Haskell users, though it did not yet explode for me. > Or even better, ask the admin to use pam_namespace: > > http://www.linux-pam.org/Linux-PAM-html/sag-pam_namespace.html > > And hopefully, one day users won't need to be root to do bind mounts. That would be very useful, yeah. It's probably already possible anyway given the right capability, but I don't know. Greets, Ertugrul -- Ertugrul Söylemez <[email protected]> _______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
