Excerpts from Michael Raskin's message of Sun Dec 27 11:24:03 +0100 2009:
> Marc Weber wrote:
> > a) We don't want root to run the build (too unsafe)
> >
> > c) We want to run
> > nix-build release.nix -A live_cd
> > which may contain passwords.
>
> There are three users:
>
> 1) calling user
> 2) store owner
> 3) build user (never coincides with previous ones)
>
> There are some stages:
>
> 1) reading expressions
> 2) evaluating expressions
> 3) writing derivations
> 4) reading derivations
> 5) preparing the build
> 6) running the build
> 7) post-processing the build output (changing permissions, finding
> dependencies)
>
> It would be reasonable, that (1, 2) are done by (1), (3,4,5,7) by (2)
> and (6) by (3).
>
> I guess we could have "derivationSecret" and "owners" derivation
> properties. If they are set, derivation is only readable by store owner;
> only direct builds by store owner or local builds via Nix daemon by
> users with names in "owners" list should go on.

What do you mean by users with names in "owners"? Do they belong to the
group "store_owners" or such?

In your description: Will every user still be able to build a live cd
which is using the feature derivationSecret?

Marc Weber
