[Nix-dev] Malicious installation methods

Yui Hirasawa yui at cock.li
Sat Jun 18 00:00:03 CEST 2016


>>>>>>> True, of course. But, there is a class of software projects which will
>>>>>>> likely never be "packaged" by package managers - namely, other package
>>>>>>> managers. Nix falls into this class, along with, for example, NPM,
>>>>>>> Brew, Oh-My-Zsh, and others.
>>>>>>
>>>>>> What reason would there to not package other package managers?
>>>>>
>>>>> IIRC, Debian won't package Nix because it violates the FHS (by requiring
>>>>a /nix
>>>>> directory).
>>>>
>>>> Is the nix root dir configurable? Would it be that horrible to have
>>>> /opt/nix or /var/lib/nix or something else be the nix root on Debian?
>>>
>>> It's not strictly required, but it would mean losing out on all the binary
>>> packages provided by the CI.
>>
>> Aren't they built in a chroot like Guix does? Why would anything break
>> just because you change where they are installed?
>
> Because it invalidates all the store references.

Seems like nix needs some redesign then.


More information about the nix-dev mailing list