[Nix-dev] Is it possible to limit nix access to sudoers and/ora group?

[Michael Raskin]

>This is a good question because installing packages can be used as a DOS
>attack. I wonder if it would be easy to make a patch to change the file
>permissions on the Nix daemon and other services that write to the Nix
>store.

I would expect that changing socket permissions should be the simplest
way. Given it is in /nix/var/nix/daemon-socket/ you could just make the 
directory unreadable (o-rx) for non-welcome users.