[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Guix and remote trust
From: |
Pierre Neidhardt |
Subject: |
Re: Guix and remote trust |
Date: |
Fri, 13 Dec 2019 09:48:34 +0100 |
Christopher Baines <address@hidden> writes:
> This sounds like guix gc --verify=contents. Debian has a similar feature
> I think, with dpkg --verify.
From the manual:
--8<---------------cut here---------------start------------->8---
When passing ‘--verify=contents’, the daemon computes the content
hash of each store item and compares it against its hash in the
database. Hash mismatches are reported as data corruptions.
Because it traverses _all the files in the store_, this command can
take a long time, especially on systems with a slow disk drive.
--8<---------------cut here---------------end--------------->8---
Is this still relevant remotely? If an untrusted third-party has root
access to the system, they can probably tamper with both the database
and the store, right?
--
Pierre Neidhardt
https://ambrevar.xyz/
signature.asc
Description: PGP signature
- Guix and remote trust, Pierre Neidhardt, 2019/12/12
- Re: Guix and remote trust, Christopher Baines, 2019/12/12
- Re: Guix and remote trust,
Pierre Neidhardt <=
- Re: Guix and remote trust, zimoun, 2019/12/13
- Re: Guix and remote trust, Pierre Neidhardt, 2019/12/13
- Re: Guix and remote trust, zimoun, 2019/12/13
- Re: Guix and remote trust, Josh Marshall, 2019/12/13
- Re: Guix and remote trust, Pierre Neidhardt, 2019/12/13
- Re: Guix and remote trust, Pierre Neidhardt, 2019/12/13
- Re: Guix and remote trust, Pierre Neidhardt, 2019/12/13
- Re: Guix and remote trust, zimoun, 2019/12/13