<Profpatsch>
qyliss: Just make spectrum a subfolder of _nixpkgs_
<Profpatsch>
Who said there could only be /nixos? *big brain*
<IdleBot_5e50c57d>
Is there any memory-safe namespace setup tool, by the way? I still think that extra-wrapping VMs in containers does not hurt, but then the path names are passed as string so maaaybe replacing nsjail/minijail is slightly safer if there is an alternative?
<nicoo>
qyliss: Just read the dev docs; that's a nice start <3
<nicoo>
IdleBot_5e50c57d: There's servo/gaol, but it doesn't seem quite as fine-grained as minijail (because gaol aims to be cross-platform)
<IdleBot_5e50c57d>
If it is cross-platform it might even lack mount-namespace-mangling…
<pie_[bnc]>
by the way
<pie_[bnc]>
I've spammed this on like 5 channels already but there's a new edition of Security Engineering in the works and you can already read it
<pie_[bnc]>
probably put this book on mandatory spectrum reading list or something ;P
<qyliss>
Profpatsch: that's kinda what I was thinking
<pie_[bnc]>
>:D
<qyliss>
The reason I think I might not want to do that though, is that it wouldn't make sense to keep actual software source code in there
<pie_[bnc]>
qyliss: nixos does it already, ok, to a limited extent
<pie_[bnc]>
citation needed
<qyliss>
only for a bunch of shell scripts
<pie_[bnc]>
i think all the nixos- tools are in there
<qyliss>
those are just shell scripts
<pie_[bnc]>
eh ok
<qyliss>
less $(which nixos-rebuild) :)
<pie_[bnc]>
also you're giving everyone write access to spectrum, but arguably you could just have spectrum check that all the commits are signed by you, but idk
<qyliss>
what?
<pie_[bnc]>
*everyone with access to nixpkgs
<pie_[bnc]>
sorry if I say something dumb
<qyliss>
sure
<qyliss>
but I think I would notice while merging if there was suddenly a spectrum/ directory
<qyliss>
but nixpkgs is part of our TCB anyway
<pie_[bnc]>
I...what? I mean if you made a nixpkgs/spectrum
<pie_[bnc]>
but yeah ok good point re tcb
<qyliss>
pie_[bnc]: People with Nixpkgs write access could create a spectrum/ directory to mess with things, but only if I actually merged that version of Nixpkgs in
<qyliss>
Upstream's Nixpkgs isn't pulled into Spectrum's repo automatically
<qyliss>
At least not now
<qyliss>
And even if it was, it would be trivial to ensure that upstream didn't have a spectrum/ directory.
<pie_[bnc]>
for some reason I assumed that the spectrum codebase was separate but now I'm reminded you just have a nixpkgs fork
<qyliss>
Well, that's what this whole conversation has been about
<qyliss>
Right now, there is no separate Spectrum codebase
<qyliss>
(except for start-vm.nix)
<qyliss>
there'd be nothing to put in it
<qyliss>
because pretty much everything I've done so far has been packaging work
<qyliss>
but at some point, there will be, probably
<IdleBot_5e50c57d>
Most of the work I would expect sounds like also presentable as separate projects
nicoo has quit [Remote host closed the connection]
nicoo has joined #spectrum
<IdleBot_5e50c57d>
Usability implications of «contain all the things»: suddenly, having a local recursive DNS resolver, but also feeding a remote DNS server via SSH to some applications is completely fine
<Shell>
btw, usability implications of DoH by default: captive portals break without some extra work
<IdleBot_5e50c57d>
Of course my prebuilt Firefox profile base forbids DoH
<qyliss>
Shell: are you aware of Tails' Unsafe Browser?
<qyliss>
Basically all traffic on Tails goes through Tor by default, _except_ for Unsafe Browser's?
<qyliss>
idk why I put a ? there
<qyliss>
I think it's a nice model
<qyliss>
If you need to do a captive portal, open this special application for doing that. Otherwise never use it.
<Shell>
nice
<FireFly>
oh, neat model
<qyliss>
Also possible in a Qubes/Spectrum model, of course, but those put the onus on you to set that up
<qyliss>
the thing you just linked or Tails' thing?
<Shell>
the idea of having a separate browser with separate configuration just for doing captive portals
<qyliss>
Oh, right
<Shell>
since you don't have to mess with socks etc, just configure a VM with the right networking stack.
<qyliss>
Yeah, course.
<qyliss>
I'm looking at implementing inter-guest virtio in crosvm atm to enable that sort of thing without touching the host's network stack
<qyliss>
It'll be a surprisingly small change I think
nicoo has quit [Ping timeout: 240 seconds]
<qyliss>
Problem: this wouldn't be very useful without hotplugging of virtio devices
<qyliss>
And I'm not sure crosvm does that
<qyliss>
Oh it _does_
<qyliss>
but only USB devices
nicoo has joined #spectrum
<qyliss>
TIL: eventfd(2)
<IdleBot_5e50c57d>
It would also be enough if virtio-host-inside-VM could be reusable (so there would be something that could accept multiple normal virtio client VMs)