wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-29 06:21:14 +02:00
Code Activity

Obfuscate memory roots for non-root users

Browse source
This commit is contained in:
Guillaume Maudoux 2019-02-28 23:26:07 +01:00 committed by Guillaume Maudoux
parent 43331d6344
commit a17f86ce3a
2 changed files with 16 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

11
src/nix-daemon/nix-daemon.cc
View file

@ -478,8 +478,15 @@ static void performOp(TunnelLogger * logger, ref<Store> store,
Roots roots = store->findRoots();
logger->stopWork();
to << roots.size();
for (auto & i : roots)
to << i.first << i.second;
int n = 0;
for (auto & i : roots) {
// Obfuscate 'memory' roots as they exposes information about other users,
if (i.first.rfind("{memory:", 0) == 0) {
to << fmt("{memory:%d}", n++) << i.second;
} else {
to << i.first << i.second;
}
}
break;
}