guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

15/66: ccs-2021: Typos, hyphenation, and other improvements.

From: Ludovic Courtès
Subject: 15/66: ccs-2021: Typos, hyphenation, and other improvements.
Date: Wed, 29 Jun 2022 11:31:58 -0400 (EDT) 
civodul pushed a commit to branch master
in repository maintenance.

commit 0856eac1e32df378884b828788678467c4fc90af
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Thu May 6 10:34:32 2021 +0200

    ccs-2021: Typos, hyphenation, and other improvements.
    
    Reported by Jan Nieuwenhuizen <janneke@gnu.org>.
---
 doc/ccs-2021/security.sbib    |  7 ++++++
 doc/ccs-2021/supply-chain.skb | 55 ++++++++++++++++++++++++++++---------------
 2 files changed, 43 insertions(+), 19 deletions(-)

diff --git a/doc/ccs-2021/security.sbib b/doc/ccs-2021/security.sbib
index dbcfb8e..8ef6c95 100644
--- a/doc/ccs-2021/security.sbib
+++ b/doc/ccs-2021/security.sbib
@@ -86,6 +86,13 @@
   (month "June")
   (url 
"https://guix.gnu.org/en/blog/2020/guix-further-reduces-bootstrap-seed-to-25/";))
 
+(misc janneke2021:full-source-bootstrap
+  (url "https://fosdem.org/2021/schedule/event/gnumes/";)
+  (title "GNU Mes — the Full Source Bootstrap")
+  (author "Jan Nieuwenhuizen")
+  (year "2021")
+  (month "February"))
+
 (article thompson1984:trusting-trust
   (author "Ken Thompson")
   (title "Reflections on Trusting Trust")
diff --git a/doc/ccs-2021/supply-chain.skb b/doc/ccs-2021/supply-chain.skb
index a564000..685a725 100644
--- a/doc/ccs-2021/supply-chain.skb
+++ b/doc/ccs-2021/supply-chain.skb
@@ -37,9 +37,22 @@
   (symbol "=>"))
   
 ;; XXX: Terrible hack to turn hyphens into hyphenation points in 'tt'.
-(set! (@@ (skribilo engine latex) latex-tt-encoding)
-      `((#\- "-\\-")
-        ,@(@@ (skribilo engine latex) latex-tt-encoding)))
+(define latex-tt-encoding
+  `((#\- "-\\-")
+    (#\h "h\\-")   ;“authorizations”, “authenticate”
+    ,@(@@ (skribilo engine latex) latex-tt-encoding)))
+
+(markup-writer 'tt (find-engine 'latex)
+   :before "{\\texttt{"
+   :action (lambda (n e)
+             (let ((ne (make-engine
+                          (gensym "latex")
+                          :delegate e
+                          :filter (make-string-replace latex-tt-encoding)
+                          :custom (engine-customs e)
+                          :symbol-table (engine-symbol-table e))))
+                (output (markup-body n) ne)))
+   :after "}}")
 
 ;; For pdflatex.
 (engine-custom-set! (find-engine 'latex) 'image-format '("pdf"))
@@ -62,6 +75,9 @@
                                    ;; typeset inside teletype text.
                                    
"\\DeclareUnicodeCharacter{2026}{\\textrm{\\ldots}}\n"
 
+                                   ;; Improve hyphenation.
+                                   "\\hyphenation{Open-PGP}\n"
+
                                    "\
 %% \\fancyhf{} % Remove fancy page headers 
 %% \\fancyhead[C]{Anonymous submission \\#9999 to ACM CCS 2021} % TODO: 
replace 9999 with your paper number
@@ -302,17 +318,17 @@ already available.  Likewise, ,(tt [guix challenge 
hello]) compares
 binaries of the ,(tt [hello]) package available locally with those
 provided by one or several substitute servers.])
       (p [Are reproducible builds enough to guarantee that one can
-verify source-to-binary mappings?  In his Turing Award acceptance speech
-,(ref :bib 'thompson1984:trusting-trust), Ken Thompson described a
-scenario whereby a legitimate-looking build process would produce a
-malicious binary—if that build process is reproducible, it just
-reproducibly build a malicious binary.  The attack Thompson described,
-often referred to as a “Trusting Trust attack”, consists in targeting
-the compilation toolchain, typically by modifying the compiler such that
-it emits malicious code when it recognizes specific patterns of source
-code.  This attack can be undetectable.  What makes such attacks
-possible is that users and distributions rely on opaque binaries at some
-level to “bootstrap” the entire package dependency graph.])
+verify source-to-binary mappings?  In his Turing Award acceptance
+speech, Ken Thompson described a scenario whereby a legitimate-looking
+build process would produce a malicious binary ,(ref :bib
+'thompson1984:trusting-trust).  If that build process is reproducible,
+it just reproducibly builds a malicious binary.  The attack Thompson
+described, often referred to as a “Trusting Trust attack”, consists in
+targeting the compilation toolchain, typically by modifying the compiler
+such that it emits malicious code when it recognizes specific patterns
+of source code.  This attack can be undetectable.  What makes such
+attacks possible is that users and distributions rely on opaque binaries
+at some level to “bootstrap” the entire package dependency graph.])
       (p [In 2017, Jan Nieuwenhuizen ,(it [et al.]) sought to address
 this forty-year-old problem at its root: by ensuring no opaque binaries
 appear in the package dependency graph—no less ,(ref :bib
@@ -324,9 +340,10 @@ at the root of the Guix package graph, well below what had 
been achieved
 so far ,(ref :bib 'janneke2020:bootstrap).  While many considered it
 unrealistic a few years earlier, the initial goal of building ,(emph
 [everything]) from source, starting from a small core and incrementally
-building more complex pieces of software, is now within reach.  This has
-the potential to thwart an entire class of software supply chain attacks
-that has been known but left unaddressed for forty years.]))
+building more complex pieces of software, is now within reach ,(ref :bib
+'janneke2021:full-source-bootstrap).  This has the potential to thwart
+an entire class of software supply chain attacks that has been known but
+left unaddressed for forty years.]))
    
    (chapter :title [Rationale] :ident "rationale"
       
@@ -360,7 +377,7 @@ pull]).])
 run malicious code.  An attacker could trick the user into connecting to
 an alternate repository that contains malicious code or definitions for
 backdoored packages.  This is made more difficult by the fact that code
-is fetched over HTTPS by default, which allows clients to authenticates
+is fetched over HTTPS by default, which allows clients to authenticate
 the server they are connecting to.  However, server authentication is of
 no use when the server hosting the repository is compromised, as
 happened to GNU’s Savannah in 2010 ,(ref :bib 'fsf2010:compromise).])
@@ -788,7 +805,7 @@ themselves authenticating hundreds of commits when running 
,(tt [guix
 pull]).  The implementation must be able to perform well.])
       
         (p [At the algorithmic level, the main optimization is to
-consider than, if a commit has been authenticated, then all the commits
+consider that, if a commit has been authenticated, then all the commits
 in its transitive closure are automatically considered authentic and do
 not need to be checked.  This optimization stems from the fact that the
 commit graph has integrity properties similar to that of a Merkle-style
reply via email to
[Prev in Thread] Current Thread [Next in Thread]