I am thinking about putting NixOS on a home server. My plan is to self-host services like Immich and Jellyfin. My concern is having to trust another party. With setups like Debian + Docker, there is no extra party to trust since the containers are officially distributed by the developers.
So if someone had read + write access to nixpkgs, could they theoretically inject malicious code into the build process? Then distribute the binary via Hydra?
You can still use containerized apps on NixOS if you prefer to keep nixpkgs out of it, but that’s somewhat of a false protection. Anyone with write access to nixpkgs can put malware into core system tools or something, too.
In any distro, you always have to trust the distro’s creators. They’re the ones who package and distribute the core software everything is running on. NixOS is no different.
Agreed, there’s nothing stopping you from achieving a similar setup, just with swapping the Debian base for NixOS. You can mix-and-match as well. I’m running a mix on my servers, like Kubernetes with various containers but then things like Postgres on the host.
The source of trust has to go somewhere. If it’s not with the binaries, then it has to be with the source, either nixpkgs or the original developers.
This is false, FWIW. Many (most?) Docker containers (on Docker Hub) are maintained by third parties, and Debian has an explicit policy that packages are not allowed to be maintained by “the developers” precisely so that there is an additional layer of review.
All these options are in either case still vulnerable to supply chain attacks; there are many points in the process where code can be substituted without someone noticing. It doesn’t really matter whether “the developers” publish the tag or not; if someone has write access to a package repo they can substitute anything.
The risk is probably roughly the same with all of them. If anything, I think Docker Hub is likely the most risky, given that maintainer review is practically the only defense and that Docker Hub has the most lax review requirements.
Nixpkgs isn’t much better, Debian is likely the strictest you can find, but Debian maintainers are also not infallible, as has been shown from time to time.
So if someone had read + write access to nixpkgs, could they theoretically inject malicious code into the build process? Then distribute the binary via Hydra?
Things can only be merged into nixpkgs after review. So this is a matter of “do you trust our review process of nixpkgs more than the review process of Debian”. That is a social question, not a technical one, I guess.
With regard to trusting the Nix infra team to make sure Hydra doesn’t get hacked: if that is a concern to you, you can always just build everything from source! Just remove https://cache.nixos.org from your list of substituters. That’s the power of Nix. A lot of companies do this internally for compliance reasons.
I don’t have experience with Debian but I expect a source bootstrap is a lot harder than in nixpkgs.
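The substituter change described in the reply above, written out as a NixOS configuration fragment. This is an added example, not part of the original thread, and it assumes a system managed through `configuration.nix`.

```nix
# configuration.nix fragment (added example; assumes a standard NixOS system)
{ lib, ... }:
{
  nix.settings = {
    # NixOS adds https://cache.nixos.org/ to this list by default, and list
    # options merge, so a plain `substituters = [ ];` would leave it in place.
    # mkForce overrides the default instead of merging with it.
    substituters = lib.mkForce [ ];

    # Drop the default cache.nixos.org signing key as well, so that paths
    # signed only by that key are not accepted while require-sigs is on.
    trusted-public-keys = lib.mkForce [ ];

    # Keep signature enforcement on (this is already the Nix default).
    require-sigs = true;
  };
}
```

After rebuilding, the `substituters` line in the generated `/etc/nix/nix.conf` should be empty. Source tarballs are still downloaded, but as fixed-output derivations whose hashes are pinned in nixpkgs, so the trust that remains is in nixpkgs review and the upstream sources.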