diff options
Diffstat (limited to 'third_party/nix/doc/manual/installation/nix-security.xml')
| -rw-r--r-- | third_party/nix/doc/manual/installation/nix-security.xml | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/third_party/nix/doc/manual/installation/nix-security.xml b/third_party/nix/doc/manual/installation/nix-security.xml new file mode 100644 index 000000000000..d888ff14d457 --- /dev/null +++ b/third_party/nix/doc/manual/installation/nix-security.xml @@ -0,0 +1,27 @@ +<chapter xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:xi="http://www.w3.org/2001/XInclude" + version="5.0" + xml:id="ch-nix-security"> + +<title>Security</title> + +<para>Nix has two basic security models. First, it can be used in +“single-user mode”, which is similar to what most other package +management tools do: there is a single user (typically <systemitem +class="username">root</systemitem>) who performs all package +management operations. All other users can then use the installed +packages, but they cannot perform package management operations +themselves.</para> + +<para>Alternatively, you can configure Nix in “multi-user mode”. In +this model, all users can perform package management operations — for +instance, every user can install software without requiring root +privileges. Nix ensures that this is secure. For instance, it’s not +possible for one user to overwrite a package used by another user with +a Trojan horse.</para> + +<xi:include href="single-user.xml" /> +<xi:include href="multi-user.xml" /> + +</chapter> \ No newline at end of file |