[Nix-dev] Malicious installation methods

joachifm at fastmail.fm joachifm at fastmail.fm
Fri Jun 17 23:42:57 CEST 2016


On Fri, Jun 17, 2016, at 11:36 PM, Yui Hirasawa wrote:
> >>>>> True, of course. But, there is a class of software projects which will
> >>>>> likely never be "packaged" by package managers - namely, other package
> >>>>> managers. Nix falls into this class, along with, for example, NPM,
> >>>>> Brew, Oh-My-Zsh, and others.
> >>>>
> >>>> What reason would there to not package other package managers?
> >>>
> >>> IIRC, Debian won't package Nix because it violates the FHS (by requiring
> >>a /nix
> >>> directory).
> >>
> >> Is the nix root dir configurable? Would it be that horrible to have
> >> /opt/nix or /var/lib/nix or something else be the nix root on Debian?
> >
> > It's not strictly required, but it would mean losing out on all the binary
> > packages provided by the CI.
> 
> Aren't they built in a chroot like Guix does? Why would anything break
> just because you change where they are installed?

Because it invalidates all the store references.


More information about the nix-dev mailing list