wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-07-07 06:01:48 +02:00
Code Activity

Disable the build user mechanism on all platforms except Linux and OS X

Browse source 
(cherry picked from commit c8cc50d46e)
This commit is contained in:
Eelco Dolstra 2017-06-06 18:52:15 +02:00
parent bcc21744df
commit 0ca9502264
No known key found for this signature in database
GPG key ID: 8170B4726D7198DE
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/libstore/build.cc
View file

@ -1895,7 +1895,13 @@ void DerivationGoal::startBuilder()
/* If `build-users-group' is not empty, then we have to build as /* If `build-users-group' is not empty, then we have to build as
one of the members of that group. */ one of the members of that group. */
if (settings.buildUsersGroup != "") { if (settings.buildUsersGroup != "") {
#if defined(__linux__) || defined(__APPLE__)
buildUser.acquire(); buildUser.acquire();
#else
/* Don't know how to block the creation of setuid/setgid
binaries on this platform. */
throw Error("build users are not supported on this platform for security reasons");
#endif
assert(buildUser.getUID() != 0); assert(buildUser.getUID() != 0);
assert(buildUser.getGID() != 0); assert(buildUser.getGID() != 0);