[Nix-dev] Re: What about introducing security.packages?
Yury G. Kudryashov
urkud.urkud at gmail.com
Sun Aug 21 17:50:54 CEST 2011
Michael Raskin wrote:
> The real downside is that one can end up having _multiple_ large
> white/blacklists.
No since just a few packages provide *system* d-bus/udev/whatever service.
And, e.g., modules/services/hardware/udisks.nix should add udisks to d-bus
and udev whitelists.
> My system-path derivation lists more than 600 paths... I like this way
> of managing package installation; your proposal would make it somewhat
> harder...
We can add something like "whiteListByDefault = false(blacklist) |
true(whitelist) | abort".
P.S.: Unrelated issue: why <standard_session_servicedirs/> is removed from
dbus.conf? With <standard_session_servicedirs/> and a proper XDG_DATA_DIRS,
user will see d-bus *session* service files installed into his profile.
--
Yury G. Kudryashov,
mailto: urkud at mccme.ru
More information about the nix-dev
mailing list