I like the idea of nixOS and will definitely try it in the future to see how portable I can make the setup be (hopefully a couple of files that can configure the entire machine).
But the only thing in my mind that is stopping it not being the absolute almost perfection of a tech-savy distro is the reliance of systemd, which has software that I as a user will never going to touch which adds unnecessary bloat to the init (also more unnecessary attack vectors). And if I really needed to have some of the systemd programs, there are replacements out there that do the job that can be later installed when needed, like having log files and stuff.
What do you think of some day seeing a fork of nixOS that uses other init systems and works well? Or is it just me that likes this idea? Like a voidish nixOS 🤔
If you manage to infect your systemd unit list which requires root privilege and give it a permission to run on boot I don’t think it’s an attack vector anymore its one’s stupidity. Systemd is the furthest thing from an outside attack. Someone might poison your bashrc and its more possible than someone inserting a malicious unit file and asking you to run.
I didn’t know about bashrc poisoning, thx for the intel.
You are probably right, systemd attack vector might not be that big as it seems. But its a bit unfortunate that it has that small extra negative layer of security.
The bashrc poisoning thing was sarcastic. the point is it’s not important as an attack vector because if that’s even part of your surface area, then the attacker is already pretty well into your system
Thx for clarifying the point. 👍