/nix/store is world-readable which is incredibly bad for deploying secrets. We're only doing it right now because we're fairly certain that our services are secure enough and systemd's isolation is good enough to prevent this. Obviously, if we can do better, we should.
/nix/store is world-readable which is incredibly bad for deploying secrets. We're only doing it right now because we're fairly certain that our services are secure enough and systemd's isolation is good enough to prevent this. Obviously, if we can do better, we should.