wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-30 19:57:59 +02:00
Code Activity

* Remove write permission from output paths after they have been built.

Browse source 
* Point $HOME to a non-existing path when building to prevent certain tools (such as 
  wget) from falling back on /etc/passwd to locate the home directory (which we 
  don't want them to look at since it's not declared as an input).
This commit is contained in:
Eelco Dolstra 2003-08-22 20:12:44 +00:00
parent 56b98c3857
commit a88144215c
3 changed files with 52 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

38
src/util.cc
View file

@ -106,13 +106,13 @@ bool pathExists(const string & path)
}
void deletePath(string path)
void deletePath(const string & path)
{
msg(lvlVomit, format("deleting path `%1%'") % path);
struct stat st;
if (lstat(path.c_str(), &st))
throw SysError(format("getting attributes of path %1%") % path);
throw SysError(format("getting attributes of path `%1%'") % path);
if (S_ISDIR(st.st_mode)) {
Strings names;
@ -128,12 +128,44 @@ void deletePath(string path)
closedir(dir); /* !!! close on exception */
/* Make the directory writable. */
if (!(st.st_mode & S_IWUSR)) {
if (chmod(path.c_str(), st.st_mode | S_IWUSR) == -1)
throw SysError(format("making `%1%' writable"));
}
for (Strings::iterator i = names.begin(); i != names.end(); i++)
deletePath(path + "/" + *i);
}
if (remove(path.c_str()) == -1)
throw SysError(format("cannot unlink %1%") % path);
throw SysError(format("cannot unlink `%1%'") % path);
}
void makePathReadOnly(const string & path)
{
struct stat st;
if (lstat(path.c_str(), &st))
throw SysError(format("getting attributes of path `%1%'") % path);
if (st.st_mode & S_IWUSR) {
if (chmod(path.c_str(), st.st_mode & ~S_IWUSR) == -1)
throw SysError(format("making `%1%' read-only"));
}
if (S_ISDIR(st.st_mode)) {
DIR * dir = opendir(path.c_str());
struct dirent * dirent;
while (errno = 0, dirent = readdir(dir)) {
string name = dirent->d_name;
if (name == "." || name == "..") continue;
makePathReadOnly(path + "/" + name);
}
closedir(dir); /* !!! close on exception */
}
}