#nixos-security on 2018-10-04

06:17 copumpkin has quit [Ping timeout: 252 seconds]

06:54 copumpkin has joined #nixos-security

10:24 <flokli> https://github.com/NixOS/nixpkgs/issues/47860

10:24 <{^_^}> #47860 (by volth, 55 minutes ago, open): security concerns of nix store paths in grub.cfg

10:27 <andi-> Isn't that the same as putting a password in the store? You have been warned additionally you are doing that with a public(?) binary cache.. I would classify that as user error?

11:29 <ckauhaus> AFAICS this is an instance of the password problem

11:30 <ckauhaus> resp a "security by obscurity" problem

11:31 <andi-> yeah

12:32 * sphalerite wonders if https://username:password@cache.example.com/ will work with Basic auth as one might hope out of the box

13:43 <andi-> https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.7.2_.282018-10-01.29 we should upgrade mercurila.. I do not have a valid keypair for GitHub with me at the office :/

14:14 sphalerite has quit [Ping timeout: 250 seconds]

14:16 sphalerite has joined #nixos-security

14:38 <ekleog> speaking of which, do anyone understand what's waiting for https://github.com/NixOS/rfcs/pull/5 to be finished & merged ?

14:38 <{^_^}> rfcs#5 (by edolstra, 1 year ago, open): [RFC 0005] Nix encryption

14:38 <ekleog> s/do/does/

17:28 ckauhaus is now known as ckauhaus[afk]

20:35 <flokli> turns out, ghostscript is broken again. two security-related fixes on their master, no release yet: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=65a9046ded8e9edd5d33bc812a9e94ae29607a1e http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c98cb5237c983e363fe05757b2639eab550499e8

20:35 <flokli> and all that while figuring out why I can't print in color :facepalm: