doc: Call out potential for security vulnerabilities in old software.

* doc/guix.texi (Invoking guix time-machine): Add a note.

Co-authored by: Simon Tournier <zimon.toutoune@gmail.com>
This commit is contained in:
pelzflorian (Florian Pelz) 2022-11-19 13:09:31 +01:00 committed by Florian Pelz
parent a44d6e1ea2
commit b8d4c323f5
No known key found for this signature in database
GPG key ID: 300888CB39C63817

View file

@ -60,7 +60,7 @@ Copyright @copyright{} 2018, 2021 Oleg Pykhalov@*
Copyright @copyright{} 2018 Mike Gerwitz@* Copyright @copyright{} 2018 Mike Gerwitz@*
Copyright @copyright{} 2018 Pierre-Antoine Rouby@* Copyright @copyright{} 2018 Pierre-Antoine Rouby@*
Copyright @copyright{} 2018, 2019 Gábor Boskovits@* Copyright @copyright{} 2018, 2019 Gábor Boskovits@*
Copyright @copyright{} 2018, 2019, 2020 Florian Pelz@* Copyright @copyright{} 2018, 2019, 2020, 2022 Florian Pelz@*
Copyright @copyright{} 2018 Laura Lazzati@* Copyright @copyright{} 2018 Laura Lazzati@*
Copyright @copyright{} 2018 Alex Vong@* Copyright @copyright{} 2018 Alex Vong@*
Copyright @copyright{} 2019 Josh Holland@* Copyright @copyright{} 2019 Josh Holland@*
@ -4834,6 +4834,15 @@ invocation can be expensive: it may have to download or even build a
large number of packages; the result is cached though and subsequent large number of packages; the result is cached though and subsequent
commands targeting the same commit are almost instantaneous. commands targeting the same commit are almost instantaneous.
@quotation Note
The history of Guix is immutable and @command{guix time-machine}
provides the exact same software as they are in a specific Guix
revision. Naturally, no security fixes are provided for old versions
of Guix or its channels. A careless use of @command{guix time-machine}
opens the door to security vulnerabilities. @xref{Invoking guix pull,
@option{--allow-downgrades}}.
@end quotation
The general syntax is: The general syntax is:
@example @example