NixOS is the whole OS. It doesn't use the kernel sandboxing at all, for itself a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jerf on Aug 12, 2015 \| parent \| context \| favorite \| on: How I develop with Nix NixOS is the whole OS. It doesn't use the kernel sandboxing at all, for itself at least, any more than any other distro does. Conceivably it could be used to replace CoreOS, though I'm sure that while at a high level that makes perfect sense there's an arbitrary number of incidental details that make that impractical, as is the way of these things.

arianvanp on Aug 13, 2015 [–]

It actually has kernel sandboxing built in. You can run nix expressions in linux containers. https://nixos.org/releases/nixos/14.12/nixos-14.12.374.61adf...

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact