Hi! Guix gives lots of guarantees locally: packages can be --check'ed, profiles are reproducible, etc.
I am wondering whether Guix can still provide more guarantees than non-functional package managers / OS when running on a remote machine (controlled by an non-trusted third-party) with, say, SSH root access. For instance, can we somehow have the guarantee that the remote machine is the Guix we installed and hasn't been tampered with? I'm not sure whether I'm asking something trivial or not. If the latter, I'd be happy to read more literature about it. What do you people know on the topic? -- Pierre Neidhardt https://ambrevar.xyz/
signature.asc
Description: PGP signature
