andi- has quit [Remote host closed the connection]
stigo has joined #nixos-security
andi- has joined #nixos-security
hyperreal has joined #nixos-security
Hello. I recently came across this article on macOS Homebrew security issues. Basically there is a huge attack vector from installing Homebrew into /usr/local. The attack vector is basically that someone could spoof the current user and place malicious software into the homebrew path (/usr/local) because Homebrew makes that path u+w.
Someone also said Nix would be a more secure alternative to Homebrew on macOS. However, I'm curious how this particular attack vector is closed on Nix.