| 15 Mar 2026 |
 K900 | No, you do all of the evaluation on a trusted evaluator | 13:54:29 |
| K900 | And the builders only do building | 13:54:41 |
| K900 | The evaluator is necessarily trusted in any model, because the evaluator is what creates the identity of a workload | 13:55:14 |
 zoë (she/her) | so you have to trust every dependency of everything you're building? cause except if your top drv is the one that needs the secret, that seems like it just opens up more attack surface | 13:55:46 |
| K900 | No, you trust your evaluator to only allow secret access to specific workloads | 13:56:17 |
| zoë (she/her) | yes, i understand that the evaluator is implicitly trusted, i understand that; what i don't trust is the derivations | 13:56:29 |
 KFears 🏳️⚧️ (they/them) | In reply to @blokyk:matrix.org
so you have to trust every dependency of everything you're building? cause except if your top drv is the one that needs the secret, that seems like it just opens up more attack surface That's kinda already the case | 13:56:38 |
| zoë (she/her) | yes but how would it know that ;-; | 13:56:42 |
| K900 | And if you're worried about trusting-trust style attacks where you build a hacked curl that steals your secrets | 13:56:51 |
| K900 | Then you have bigger problems anyway | 13:56:57 |
| K900 | In reply to @blokyk:matrix.org
yes but how would it know that ;-; How would it know what? | 13:57:23 |
| zoë (she/her) | how would it know which drv/workloads to allow secret access to? | 13:57:52 |
| K900 | Likely via some meta attribute on the derivation | 13:58:10 |
| K900 | And probably some additional filtering on top | 13:58:19 |
| zoë (she/her) | well that's the case with building the software, but that's a different problem (e.g. you might be able to jail/virtualize it or whatever depending on your context); here we're trying to protect secrets on the build machine, but builds with nix don't have access to those anyway by default, so even if a derivation is written in a malicious way that tries to access /etc/shadow or /run/secrets or whatever, it won't be able to | 14:00:33 |
| zoë (she/her) | like yeah, it's already a (big) problem, but it's a different attack vector | 14:02:43 |
| zoë (she/her) | where would that come from? how do you know it's not some unrelated derivation that just skimmed the meta.identity attribute from another drv? cause i can't see anyway to do that with a user in the loop (or some kind of heuristics, but as we all know from avast&co, that'd never be reliable) ;-; | 14:03:53 |
| zoë (she/her) | * where would that come from? how do you know it's not some unrelated derivation that just skimmed the meta.identity attribute from another drv? cause i can't see anyway to do that with a user in the loop (or some kind of heuristics, but as we all know from avast&co, that'd never be reliable ;-;) | 14:03:58 |
| zoë (she/her) | * where would that come from? how do you know it's not some unrelated derivation that just skimmed the meta.identity attribute from another drv? cause i can't see anyway to do that with a user in the loop (or some kind of heuristics, but as we all know from avast&co, that'd never be reliable) ;-; | 14:04:05 |
| K900 | You can generally track down where the attribute was defined | 14:04:19 |
| K900 | And e.g. assert it's in your code repository directly | 14:04:25 |
| K900 | And not somewhere in nixpkgs | 14:04:29 |
| K900 | Also, nixpkgs targeting your secret retrieval scheme is basically in the same threat model as trusting-curl | 14:04:49 |
| zoë (she/her) | hmm ok, i can see that; it's not a very elegant design but i'll admit i can't see any immediate security problems here for our attack model | 14:05:50 |
| zoë (she/her) | thank you for educating me :) | 14:05:59 |
| zoë (she/her) | * thank you for indulging/educating me :) | 14:06:06 |
| zoë (she/her) | * hmm ok, i can see that; it's not a very elegant design but i'll admit i can't see any immediate security problems here for our attack model (ignore trusting trust, but yeah that's a whole can o' worms) | 14:16:59 |
|  blades joined the room. | 17:25:32 |
|  isabel changed their profile picture. | 20:56:46 |
| zoë (she/her) | i git pulled my lix copy earlier and am now reading the 2.95 release notes ahead of time, and i just to say: i know it's a tiny ux thing, but Qyriad thank you so much for the nix store delete thing, it's so annoying every time, and the reason why i opened the repo was specifically because i wanted to figure out if that would be possible x) | 21:11:14 |
