[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Providing/Submitting substitutes

From: phodina
Subject: Re: Providing/Submitting substitutes
Date: Wed, 22 Dec 2021 11:59:08 +0000

Hi Tobias,

> Petr,
> phodina via 写道:
> > However, since I already built the browser and it took several > hours
> >
> > I'd like to provide it also to other people.
> That's very considerate of you. Thank you!

My thanks go to all contributors of Guix for creating such amazing project!

> > Is there a way to submit the outputs of derivation to the > official
> >
> > substitution server or the only way would be to make public my
> >
> > substitution server?
> I'm afraid so (the latter). As you mention, this would require trusting the 
> other party but to an unreasonably degree: the ability to redistribute 
> arbitrary binaries, signed by the project, to all Guix users.

I was afraid so. However, that is understandable as security and trust would 
have to be sacrificed and it would open a large vector of attack against Guix 
> That said, if your substitution server has decent uptime, traffic, and a 
> public IP, nothing's stopping you from putting up a disclaimer page (like 
>… or better) and serving your substitutes to others.

I do have a VPS server currently running NixOS as this was the first system 
with the different concepts. Though, I'm now creating a patch for the provider 
[1] in order to run Guix System there. It has decent storage, performance and 
network connectivity.

> Adding the guix publish service is trivial, about as much work as typing 
> ‘guix archive --export’ once, and is a one-time effort!
> </promo>

No need for the promo, I want to run a substitution server (figure out how to 
do it correctly and securely) as otherwise this machine is sitting there mostly 

> > Correct me if I'm wrong but can't this be solved be verified by
> >
> > using guix challenge?
> In this case, I don't see how. Guix challenge is a valuable tool but to use 
> it in this way requires a fundamentally trusted party (e.g., you, or say, 
> to be distributing their own independently-built copy.

> If that were the case you wouldn't have had to build it yourself. So it could 
> be used after the fact, or for general ‘hm, this is interesting’ flagging for 
> further research, and that's not good enough here. Copies would have been 
> distributed by then.
> Challenges between 2 supposedly independent unofficial substitute providers 
> would be quite vulnerable to various kinds of subversion.
> Kind regards,
> T G-R

Thanks for the explanation. If I understand this correctly than it basically
boils down to trusting the parties themselves.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]