Open RaitoBezarius opened 7 months ago
This is a tracking issue for work around Boot security in NixOS incorporating elements of https://github.com/nix-community/projects/blob/main/proposals/nixpkgs-security.md.
Work driven by @RaitoBezarius
Work driven by @lheckemann, with the help of @mschwaig.
Work driven by @JulienMalka
Work driven by @ElvishJerricco
Tracking issue: https://github.com/NixOS/nixpkgs/issues/267982 Design document: https://pad.lassul.us/nixos-perlless-activation#
Work driven by @nikstur, with the help of @blitz @lheckemann.
This issue has been mentioned on NixOS Discourse. There might be relevant details there:
https://discourse.nixos.org/t/nixpkgs-supply-chain-security-project/34345/7
This is a tracking issue for work around Boot security in NixOS incorporating elements of https://github.com/nix-community/projects/blob/main/proposals/nixpkgs-security.md.
Upstream features
Work driven by @RaitoBezarius
UEFI Secure Boot by default for NixOS installer images
Work driven by @lheckemann, with the help of @mschwaig.
Bootspec v2
TPM2 in lanzaboote
Work driven by @RaitoBezarius
A/B schema in NixOS
Work driven by @JulienMalka
Integrity checks for the store
Work driven by @ElvishJerricco
Interpreter-less NixOS
Tracking issue: https://github.com/NixOS/nixpkgs/issues/267982 Design document: https://pad.lassul.us/nixos-perlless-activation#
Work driven by @nikstur, with the help of @blitz @lheckemann.