I agree there is no conflict between your proposal and my suggestion. The reason I mentioned it is that I do not like the idea of relying on a single trusted party for security (to whic your proposal makes no difference, because the trusted party will control all build machines). If someone (use your imagination) wanted to be able to gain access to any nixos machine, they would be tempted to compromise the centrally controlled builds.
Therefore I think we should encourage people to run build systems, whether centrally controlled or not. Tim _______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
