tvl-depot/src
Eelco Dolstra 5526a282b5 Security: Don't allow builders to change permissions on files they don't own
It turns out that in multi-user Nix, a builder may be able to do

  ln /etc/shadow $out/foo

Afterwards, canonicalisePathMetaData() will be applied to $out/foo,
causing /etc/shadow's mode to be set to 444 (readable by everybody but
writable by nobody).  That's obviously Very Bad.

Fortunately, this fails in NixOS's default configuration because
/nix/store is a bind mount, so "ln" will fail with "Invalid
cross-device link".  It also fails if hard-link restrictions are
enabled, so a workaround is:

  echo 1 > /proc/sys/fs/protected_hardlinks

The solution is to check that all files in $out are owned by the build
user.  This means that innocuous operations like "ln
${pkgs.foo}/some-file $out/" are now rejected, but that already failed
in chroot builds anyway.
2013-02-26 02:30:19 +01:00
..
boost * Install some headers in the right location. 2009-03-05 14:57:50 +00:00
bsdiff-4.3 Drop the externals directory 2012-03-18 23:54:57 +01:00
libexpr Make "${./path} ..." evaluate to a string, not a path 2013-02-08 20:04:04 +01:00
libmain build-remote: Use the --quiet flag 2013-02-19 16:56:31 +01:00
libstore Security: Don't allow builders to change permissions on files they don't own 2013-02-26 02:30:19 +01:00
libutil Remove tabs 2013-01-03 13:00:46 +01:00
nix-daemon Add `Settings::nixDaemonSocketFile'. 2013-02-19 10:19:18 +01:00
nix-env Allow setting the profile location using $NIX_PROFILE 2012-12-12 16:01:46 +01:00
nix-hash When ‘--help’ is given, just run ‘man’ to show the manual page 2012-10-03 16:40:09 -04:00
nix-instantiate nix-instantiate: Fix read-only evaluation 2012-11-26 17:41:10 +01:00
nix-log2xml * Emit warning='1' or error='1' attributes for lines marked as 2010-03-05 12:54:58 +00:00
nix-setuid-helper Templatise tokenizeString() 2012-09-19 15:43:23 -04:00
nix-store Security: Don't allow builders to change permissions on files they don't own 2013-02-26 02:30:19 +01:00
Makefile.am Rename nix-worker to nix-daemon 2012-10-03 17:59:23 -04:00