[Nix-dev] What about introducing security.packages?

[Marc Weber]

Another solution would be having a black/white list. If a package should
be added to DBUS but is contained in neither list tell the user to do
so. This way users have a choice but won't miss to make the decision.

Eg:

  systemPackages = [ pkgProvidingDbusConfig pkg2ProvidingDbusConfig pkg3ProvidingDbusConfig ];

  dbus.whitelist= [pkgProvidingDbusConfig];
  dbus.blacklist= [pkg2ProvidingDbusConfig];

Now nixos-rebuild will fail because pkg3ProvidingDbusConfig is not
contained in either list.

This is yet another take on it which would satisfy security to some
extend and make things work because users won't forget to whitelist some
packages. Thinking about it I'd prefer this one. Eg we could add
additional info then:

meta / passthru = {
  providesDbusConfig = {
    why = "Without this XY won't work - however security risk might be
    ...";
  }
}

Is complexity a bigger issue than the value this solution provides?
Don't know. It would minimize questions and debugging. That's why its
my favorite. The only downside is that users have to make a choice which
also is a feature.

Marc Weber