[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: security concerns of using guix packages
|
From: |
Pjotr Prins |
|
Subject: |
Re: security concerns of using guix packages |
|
Date: |
Sat, 4 Jul 2015 16:37:09 +0200 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Sat, Jul 04, 2015 at 04:22:20PM +0200, Ludovic Courtès wrote:
> A concern could be the time it takes for the project to deploy security
> fixes. Obviously there are much fewer Guix contributors than Debian
> contributors, but so far we do pretty well nevertheless (thanks to
> Mark H Weaver for the most part.)
I would like to add here that Guix compares to Nix in many ways (not
least they share the same daemon). Nix has been going much longer, it
has a large community, and it is interesting to note that many Nixers
are actually system administrators who choose to deploy their systems
with Nix packages.
It is not that that they chose to live dangerously ;). You could check
their track record for security fixes. You'll find that every major
fix went in quickly. Same for Guix with its short history.
Pj.