[Nix-dev] why has each revision / generation not a own configuration.nix
Leo Gaspard
leo at gaspard.io
Sat May 13 12:14:53 CEST 2017
On 05/13/2017 05:28 AM, Stefan Huchler wrote:
> [...]
> Do you know the reason why it defaults to false, cant think of any
> disadvantage of that functionality. I mean nixos eats harddrive like
> nearly no other distro. So saving space cant be the reason.
>
> Some sort of privacy concern?
With https://github.com/NixOS/nix/issues/8 solved, there will be
possibility to have password in the configuration that won't be
world-readable. In this context, copying the configuration.nix would
make world-readable again, which in case of passwords can hurt security
a lot.
At least that's the only reason I can think of.
HTH,
Leo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: OpenPGP digital signature
URL: <https://mailman.science.uu.nl/pipermail/nix-dev/attachments/20170513/bbcb5e0d/attachment.sig>
More information about the nix-dev
mailing list