* Added a test that make sure that users cannot register

specially-crafted derivations that produce output paths belonging to
  other derivations.  This could be used to inject malware into the
  store.

tests/secure-drv-outputs.nix

@@ -0,0 +1,23 @@
+with import ./config.nix;
+
+{
+
+  good = mkDerivation {
+    name = "good";
+    builder = builtins.toFile "builder"
+      ''
+        mkdir $out
+        touch $out/good
+      '';
+  };
+
+  bad = mkDerivation {
+    name = "good";
+    builder = builtins.toFile "builder"
+      ''
+        mkdir $out
+        touch $out/bad
+      '';
+  };
+
+}