guix-devel

Re: GNU Guix Questions


From: Ludovic Courtès
Subject: Re: GNU Guix Questions
Date: Tue, 07 Mar 2017 14:57:54 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)

Hi!

address@hidden wrote:

> * Does Guix defend against the variety of attacks described in the TUF
> threat model document? (described in link below) How resilient is it
> against key compromise? (TUF was designed from the ground up to
> provide a highly resilient and secure update framework as a drop in
> replacement to crappy standalone updaters - a problem that's become
> very serious for proprietary OSes. The security research and
> implementation behind it are an excellent rubric that one can apply to
> any updater/package manager.)
>
> https://github.com/theupdateframework/tuf/blob/develop/SECURITY.md

The short answer is: not yet.

The longer answer is that TUF is biased towards “traditional” package
managers where the main asset is a binary package archive.

Guix is conceptually a source-based package manager, so what we want to
authenticate is Git checkouts of Guix itself.  TUF needs to be “ported”
to this model.  We’ll address this hopefully within a few months, and
definitely by 1.0:

  https://bugs.gnu.org/22883

Ludo’.


