about summary refs log tree commit diff
path: root/doc/manual/installation/nix-security.xml
diff options
context:
space:
mode:
authorMikey Ariel <mariel@redhat.com>2014-08-27T16·41+0200
committerMikey Ariel <mariel@redhat.com>2014-08-27T16·41+0200
commit8901acc97664aa8ebf687ee904428aa57a5192be (patch)
treef7bfefccbc2a08cc49eb37b424758a6158b29b58 /doc/manual/installation/nix-security.xml
parent3f0a4bf0e7254edddaa864d23893d98da23c2977 (diff)
Restructuring the Nix manual
Diffstat (limited to 'doc/manual/installation/nix-security.xml')
-rw-r--r--doc/manual/installation/nix-security.xml27
1 files changed, 27 insertions, 0 deletions
diff --git a/doc/manual/installation/nix-security.xml b/doc/manual/installation/nix-security.xml
new file mode 100644
index 000000000000..d888ff14d457
--- /dev/null
+++ b/doc/manual/installation/nix-security.xml
@@ -0,0 +1,27 @@
+<chapter xmlns="http://docbook.org/ns/docbook"
+      xmlns:xlink="http://www.w3.org/1999/xlink"
+      xmlns:xi="http://www.w3.org/2001/XInclude"
+      version="5.0"
+      xml:id="ch-nix-security">
+
+<title>Security</title>
+
+<para>Nix has two basic security models.  First, it can be used in
+“single-user mode”, which is similar to what most other package
+management tools do: there is a single user (typically <systemitem
+class="username">root</systemitem>) who performs all package
+management operations.  All other users can then use the installed
+packages, but they cannot perform package management operations
+themselves.</para>
+
+<para>Alternatively, you can configure Nix in “multi-user mode”.  In
+this model, all users can perform package management operations — for
+instance, every user can install software without requiring root
+privileges.  Nix ensures that this is secure.  For instance, it’s not
+possible for one user to overwrite a package used by another user with
+a Trojan horse.</para>
+
+<xi:include href="single-user.xml" />
+<xi:include href="multi-user.xml" />
+
+</chapter>
\ No newline at end of file