[Nix-dev] [Nix-commits] SVN commit: nix - r30127 - in nixos/trunk/modules: config installer/cd-dvd installer/generations-dir installer/tools installer/tools/nixos-deploy-network misc security services/misc services/monito...
Shea Levy
shea at shealevy.com
Wed Nov 2 05:50:00 CET 2011
On 11/2/11 12:31 AM, Marc Weber wrote:
> Excerpts from Shea Levy's message of Wed Nov 02 05:13:20 +0100 2011:
>> 2. Different levels of trust: Other than the general goodwill of mankind
>> (which I probably believe in more than most) and the lack of complaint
>> from others, I have little assurance that hydra actually builds what it
>> claims.
> a) which assurance would you accept (would be good enough)? Should Eelco
> Dolstra and tu delft sign same papers? :)
> b) is it enough? I mean does gcc what it claims to do, does the hardware
> what it claims to do?
Right, different people have different thresholds for what they will
trust, and why. I just think allowing people to be more paranoid is a
good thing whenever possible. For my part, I trust that hydra builds
what it says, but I don't know how often, if ever, they verify the store
there and what they do if it fails, so if I have a local build I will
prefer it over a hydra build.
>
> tarballs should be protected by hash - and if you misstrust hashes you
> should talk about requesting a stronger solution :)
>
> Marc Weber
More information about the nix-dev
mailing list