[Nix-dev] What about introducing security.packages?
Marc Weber
marco-oweber at gmx.de
Sun Aug 21 18:51:57 CEST 2011
you:
> My system-path derivation lists more than 600 paths... I like this way
> of managing package installation; your proposal would make it somewhat
> harder...
Me:
> > [..] Eg we could add
> >additional info then:
> >
> >meta / passthru = {
> > providesDbusConfig = {
> > why = "Without this XY won't work - however security risk might be
> > ...";
> > }
> >}
> >
So replace this "could" with "should/must" for exactly that reason. Only
packages which have the providesDbusConfig like attr have to added to
those black/white lists. And then hopefully there will be about 20 left
or such (I haven't counted them)
600 times adding a package? No thanks :)
Marc Weber
More information about the nix-dev
mailing list