[Nix-dev] Hardened NixOS
Marc Weber
marco-oweber at gmx.de
Tue Nov 19 03:45:32 CET 2013
Yes, start the wiki page.
Don't forgett that nixos has the "nesting" features for builds.
Thus you can build i686,x86_64 and hardened/not hardened systems at the
same time.
Ther is not much which can go wrong other than that you have to download
nix* stuff twice.
Its on my todo list to improve the perl based grub builder to allow such
showing such 'sub-systems' in the boot menu again. The feature already
was there when the bash builder script was used. Might take some time
till I manage to do so.
Having a very short writeup about
- feature -X description see link foo
potential issues:
..
would be perfect.
Why do you fear people disagreeing ?
Let me rethink: there are 3 types of tools I use most:
- browser (This will not be hardened for JIT reasons?, this could
benefit little)
- email (this could benefit a lot)
- editor (I trust scripts anyway)
- web servers (this could benefit, unless I use nodejs ..)
Marc Weber
More information about the nix-dev
mailing list