[Nix-dev] Haskell NG: Still no binaries
Kirill Elagin
kirelagin at gmail.com
Thu Apr 16 22:36:23 CEST 2015
On Thu, Apr 16, 2015 at 11:33 PM Ertugrul Söylemez <ertesx at gmx.de> wrote:
> > IMHO, "nix-env" should pass those options on to the daemon, i.e. it
> > should not be necessary to hard-code hydra.cryp.to as a global binary
> > cache for this to work.
>
> Actually I'm not sure whether this is such a good idea. If it did, it
> would be a backdoor into fellow system users. An attacker could
> construct a Nix expression that matches exactly another system user's
> expression. Then the attacker builds it, but they tell Nix that they
> have a binary cache available for it, which delivers an infected version
> of the derivation.
>
> When the other system user tries to build the same expression, they find
> that it is already built, but it is actually the infected substitute
> injected by the attacker.
>
And that’s exactly why Nix won’t allow an untrusted user to use a custom
binary cache unless it is listed in `trusted-binary-caches` in `nix.conf`.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20150416/4288d75e/attachment.html
More information about the nix-dev
mailing list