[Nix-dev] [yui at cock.li: Re: Malicious installation methods]
Eelco Dolstra
eelco.dolstra at logicblox.com
Fri Jun 17 16:26:46 CEST 2016
Hi,

On 06/17/2016 03:56 PM, Yui Hirasawa wrote:

> HTTPS is not a verified channel. Our current CA system is really fragile

It is, but it works a lot better than the PGP web of trust in that it doesn't
require people to get together to engage in quaint key signing rituals.

> Here is a quote from the #nix channel:
>
>> kmicu: Tsutsukakushi: I told ya so… security is not a priority here.

Cargo cult security is not a priority. I wouldn't worry about "curl | bash" but
not the giant binary tarball downloaded and executed by that script (or
equivalently, installing a binary RPM or Deb package). Signing the installer
script would provide only a minor increase in security (in that it would require
the signing key to be compromised, rather than the nixos.org certificate). I
don't object to doing that though.

--
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/