[Nix-dev] Nix(OS) and passwords ? builtins.writeFileToPath proposal
Marc Weber
marco-oweber at gmx.de
Sun Dec 27 15:36:33 CET 2009
Excerpts from Michael Raskin's message of Sun Dec 27 11:24:03 +0100 2009:
> Marc Weber wrote:
> > a) We don't want root to run the build (too unsafe)
> >
> > c) We want to run
> > nix-build release.nix -A live_cd
> > which may contain passwords.
>
> There are three users:
>
> 1) calling user
> 2) store owner
> 3) build user (never coincides with previous ones)
>
> There are some stages:
>
> 1) reading expressions
> 2) evaluating expressions
> 3) writing derivations
> 4) reading derivations
> 5) preparing the build
> 6) running the build
> 7) post-processing the build output (changing permissions, finding
> dependencies)
>
> It would be reasonable that (1, 2) are done by (1), (3,4,5,7) by (2)
> and (6) by (3).
>
> I guess we could have "derivationSecret" and "owners" derivation
> properties. If they are set, the derivation is only readable by the store
> owner; only direct builds by the store owner or local builds via the Nix
> daemon by users with names in the "owners" list should go on.
What do you mean by users with names in "owners"?
Do they belong to the group "store_owners" or such?
In your description: Will every user still be able to build a live cd
which is using the feature derivationSecret?
Marc Weber