wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-28 05:21:16 +02:00
Code Activity

* Beginning of secure multi-user Nix stores. If Nix is started as

Browse source 
root (or setuid root), then builds will be performed under one of
  the users listed in the `build-users' configuration variables.  This
  is to make it impossible to influence build results externally,
  allowing locally built derivations to be shared safely between
  users (see ASE-2005 paper).

  To do: only one builder should be active per build user.
This commit is contained in:
Eelco Dolstra 2005-10-17 15:33:24 +00:00
parent 15ff877438
commit 32282abcea
4 changed files with 219 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/libstore/globals.cc
View file

@ -17,8 +17,6 @@ bool tryFallback = false;
Verbosity buildVerbosity = lvlInfo;
unsigned int maxBuildJobs = 1;
bool readOnlyMode = false;
bool buildAllowRoot = true;
list<string> buildUsers;
static bool settingsRead = false;
@ -79,8 +77,6 @@ Strings querySetting(const string & name, const Strings & def)
bool queryBoolSetting(const string & name, bool def)
{
debug("X");
Strings defs;
if (def) defs.push_back("true"); else defs.push_back("false");