[Nix-dev] When calling nix-store --verify-path - How to know the hash database is not corrupt?

Matthias Beyer mail at beyermatthias.de
Wed Mar 9 16:20:09 CET 2016


I'm referring to the database which is referred to by the manpage of nix-store,
section on "--verify".

It is not clearly stated what database this is, as far as I can tell.

On 10-03-2016 02:02:24, Roger Qiu wrote:
> The database you're referring to is the nixpkgs repository/channel right?
> On 10/03/2016 1:59 AM, "Matthias Beyer" <mail at beyermatthias.de> wrote:
> 
> > Hi,
> >
> > I have a question. When calling `nix-store --verify-path /nix/store/something`,
> > it verifies that the contents of the store path haven't been altered by an
> > attacker or some other corruption like bitflips or something, am I right?
> >
> > It does so by comparing the hashsum of the directory contents with a hash sum
> > stored in some database, am I right?
> >
> > How to know that the database isn't corrupt?
> >
> > Following scenario:
> >
> >     An attacker altered the libc of my system. The attacker knows how nix works
> >     and alters the hash stored in the database as well.
> >     Calling `nix-store --verify-path /nix/store/somehash-libc-something` exits
> >     without error now, as the hashes still match.
> >
> > Or am I getting something wrong here?
> >
> > --
> > Mit freundlichen Grüßen,
> > Kind regards,
> > Matthias Beyer
> >
> > Proudly sent with mutt.
> > Happily signed with gnupg.
> >

-- 
Mit freundlichen Grüßen,
Kind regards,
Matthias Beyer

Proudly sent with mutt.
Happily signed with gnupg.
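An added example, not from the thread and not Nix's own code: a stand-alone Python re-implementation of the NAR serialisation and the base32 hash printing that Nix uses, so a store path's content hash can be recomputed without trusting the host's nix-store binary or /nix/var/nix/db, and compared with a reference obtained elsewhere (the NarHash line of the substituter's .narinfo, or a hash recorded on separate media when the path was installed). Comparing against `nix-store --query --hash` on the same machine only shows that the database and the store agree with each other, which is exactly what the scenario above has the attacker arrange. The in-memory tree format and the function names are my own; nothing here is a Nix API.

```python
import hashlib, os, stat, struct

NIX_BASE32 = "0123456789abcdfghijklmnpqrsvwxyz"  # Nix's alphabet (no e, o, t, u)

def nix_base32(digest: bytes) -> str:
    """Encode bytes the way Nix prints hashes: 5-bit groups, highest group first."""
    out = []
    for n in range((len(digest) * 8 - 1) // 5, -1, -1):
        i, j = divmod(n * 5, 8)
        c = digest[i] >> j | (digest[i + 1] << (8 - j) if i + 1 < len(digest) else 0)
        out.append(NIX_BASE32[c & 0x1F])
    return "".join(out)

def _s(b: bytes) -> bytes:
    """One NAR string: 64-bit little-endian length, the bytes, zero padding to a multiple of 8."""
    return struct.pack("<Q", len(b)) + b + b"\0" * (-len(b) % 8)

def nar_node(node) -> bytes:
    """Serialise a tree: ("regular", data, executable) | ("symlink", target) | ("directory", [(name, child)])."""
    kind = node[0]
    out = _s(b"(") + _s(b"type") + _s(kind.encode())
    if kind == "regular":
        out += _s(b"executable") + _s(b"") if node[2] else b""
        out += _s(b"contents") + _s(node[1])  # size, raw bytes, padding: same shape as a string
    elif kind == "symlink":
        out += _s(b"target") + _s(node[1])
    else:  # directory entries are emitted in bytewise name order, as Nix does
        for name, child in sorted(node[1]):
            out += _s(b"entry") + _s(b"(") + _s(b"name") + _s(name) + _s(b"node") + nar_node(child) + _s(b")")
    return out + _s(b")")

def nar_from_fs(path: str):
    """Build the tree for a real store path (symlink test first: isdir follows links)."""
    if os.path.islink(path):
        return ("symlink", os.fsencode(os.readlink(path)))
    if os.path.isdir(path):
        return ("directory", [(os.fsencode(n), nar_from_fs(os.path.join(path, n))) for n in os.listdir(path)])
    with open(path, "rb") as f:
        return ("regular", f.read(), bool(os.stat(path).st_mode & stat.S_IXUSR))

def nar_hash(node) -> bytes:
    """sha256 over the whole archive: the "nix-archive-1" magic followed by the root node."""
    return hashlib.sha256(_s(b"nix-archive-1") + nar_node(node)).digest()

def nar_hash_matches(node, reference: str) -> bool:
    """Compare with a reference like "sha256:<64 hex chars>" or "sha256:<52 nix-base32 chars>"."""
    algo, _, value = reference.partition(":")
    digest = nar_hash(node)
    return algo == "sha256" and value == (digest.hex() if len(value) == 64 else nix_base32(digest))
```

For a real path: `nar_hash_matches(nar_from_fs("/nix/store/<hash>-<name>"), "sha256:<reference>")`, where the reference is taken from the .narinfo or an offline record rather than from this host's database.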