wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-25 23:11:16 +02:00
Code Activity

Add restricted evaluation mode

Browse source 
If ‘--option restrict-eval true’ is given, the evaluator will throw an
exception if an attempt is made to access any file outside of the Nix
search path. This is primarily intended for Hydra, where we don't want
people doing ‘builtins.readFile ~/.ssh/id_dsa’ or stuff like that.
This commit is contained in:
Eelco Dolstra 2015-02-23 14:41:53 +01:00
parent 47bdc52c1b
commit 15d2d3c34e
6 changed files with 65 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/libexpr/nixexpr.hh
View file

@ -16,6 +16,7 @@ MakeError(ThrownError, AssertionError)
MakeError(Abort, EvalError)
MakeError(TypeError, EvalError)
MakeError(UndefinedVarError, Error)
MakeError(RestrictedPathError, Error)
/* Position objects. */