[Nix-dev] Binary trust
Peter Simons
simons at cryp.to
Thu Apr 16 22:29:46 CEST 2015
Hi Kirill,
> Actually, that’s an interesting question. I always assumed they were
> signed (AFAIK `nix-store` is able to check signatures contained inside
> NAR-files), but now I wonder how does hydra.cryp.to sign NAR’s…
it's my understanding that the content from binary caches is not signed in
any meaningful way. If you're downloading pre-compiled binaries from
hydra.cryp.to or anywhere else, then you're living in the Wild West,
essentially. Anyone with the ability to mess with those machines (or the
transport layer between you and the cache) can inject trojan horses into
your system as they please.
Best regards,
Peter
More information about the nix-dev
mailing list