[Nix-dev] security - observing changes - example authorizedKeys

[Vladimír Čunát]

On 22 July 2012 15:45, Marc Weber <marco-oweber at gmx.de> wrote:
> And trusting the nix store hash sums (nix-store --verify
> --check-contents) is not safe either - because the database could have
> been compromised (then the attacker would know nixos very well).

One can do it like in git: if you have one SHA for the state of the
whole system, then you can verify it and even human-remember this
number (e.g. in bubble-babble). Or you can sign it and verify via some
chain of authorities (but the root authority stored could be
compromised).

Vlada