mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2024-11-22 05:56:15 +02:00
27 lines
No EOL
1.1 KiB
XML
27 lines
No EOL
1.1 KiB
XML
<chapter xmlns="http://docbook.org/ns/docbook"
|
||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||
version="5.0"
|
||
xml:id="ch-nix-security">
|
||
|
||
<title>Security</title>
|
||
|
||
<para>Nix has two basic security models. First, it can be used in
|
||
“single-user mode”, which is similar to what most other package
|
||
management tools do: there is a single user (typically <systemitem
|
||
class="username">root</systemitem>) who performs all package
|
||
management operations. All other users can then use the installed
|
||
packages, but they cannot perform package management operations
|
||
themselves.</para>
|
||
|
||
<para>Alternatively, you can configure Nix in “multi-user mode”. In
|
||
this model, all users can perform package management operations — for
|
||
instance, every user can install software without requiring root
|
||
privileges. Nix ensures that this is secure. For instance, it’s not
|
||
possible for one user to overwrite a package used by another user with
|
||
a Trojan horse.</para>
|
||
|
||
<xi:include href="single-user.xml" />
|
||
<xi:include href="multi-user.xml" />
|
||
|
||
</chapter> |