Nix / NixOS

1765 readers

5 users here now

Main links

website
wiki
matrix

Videos

Linux Experiment about NixOS
Chris Titus Tech
Mental Outlaw

founded 1 year ago

MODERATORS

[email protected]

How the xz backdoor highlights a major flaw in Nix | Shade's Blog (shadeyg56.vercel.app)

submitted 7 months ago by [email protected] to c/[email protected]

11 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago)

That's a nice idea in theory but not possible in practice as the last Nixpkgs revision without a tainted version of xz is many months old. You'd trade one CVE for dozens of others.

permalink
fedilink
source
parent