Looking at the likes of Kicksecure, SecureBlue and Hardened Alpine, it would seem like Guix would solve a good portion of the issues that each one of these distros have, while bringing other advantages like reproducible builds and what some users seem to like to see from their distro: ephemeral state with a defined configuration.
IMO GUIX should be very high up in the list for people interested in hardened distributions. Why don’t I see much dialog on it though? I thought the internet would gobble it up, especially with how popular Nix is getting.
You must log in or # to comment.
Maybe I’m unfamiliar with something specific you mean, but GNU Guix isn’t really a “hardened distribution”. It’s an organizational system and package manager. It’s the GNU version of Nix/NixOS.
The other distributions you name at the top of your posts are security hardened, but are just using locked down package and feature configurations to be called as such.
Simply switching to a different method of package management has no security benefits.