
Nix is really cool! You can actually use Nix to build Snap packages! Not sure if that's actually used a lot though.

One of the advantages of Snap over Nix is that Snap has security built in. Snap is built to support a store where anyone can publish any application without curation. Nix Flakes look really cool for third parties to "publish" applications for Nix, but I wonder how they will do security.

In Snap, the default permissions of an app are stored and distributed out-of-band with the package itself. The package defines what permissions it _can_ use and the declaration defines what permissions it is _allowed_ to use by default. Users can then override the default permissions.

You could get the same level of confinement in a Nix package, but then the package contains both the app and the confinement, so the packager or software provider gets to decide what permissions a package has on your system. Any idea how Nix could address this?



The building of nix packages is completely sandboxed and secure. The running of them is currently an after-thought.

- https://spectrum-os.org/ is a big idea for secure running of applications, which leverages Nix for some things.

- I would like to see some CloudABI/Capsicum experiments, as anything that is not capability based seems baroque, difficult to, ill-fitting the problem at hand, and generally going to end in tears.

- There is currently some wrapping around systemd-nspawn which could be improved.

BTW when I say "The running of them is currently an after-thought" this isn't as bad as it sounds. I would say all the good solutions are not the scope of Nix, but instead the scope of NixOS, Nix home-manager, nix-darwin, etc. Still, a real problem that deserves a solution. Thanks for bringing it up.



