wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-28 17:51:15 +02:00
Code Activity

fix: builtins.toFile adds path to allowedPaths

Browse source 
The produced path is then allowed be imported or utilized elsewhere:
```
assert (43 == import (builtins.toFile "source" "43")); "good"
```

This will still fail on write-only stores.
This commit is contained in:
Tom Bereknyei 2022-04-21 16:41:37 -04:00
parent 9345b4e9ca
commit f25112d383
3 changed files with 10 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/eval.sh
View file

@ -20,6 +20,8 @@ nix eval --expr 'assert 1 + 2 == 3; true'
[[ $(nix eval attr --json -f "./eval.nix") == '{"foo":"bar"}' ]]
[[ $(nix eval int -f - < "./eval.nix") == 123 ]]
# Check if toFile can be utilized during restricted eval
[[ $(nix eval --restrict-eval --expr 'import (builtins.toFile "source" "42")') == 42 ]]
nix-instantiate --eval -E 'assert 1 + 2 == 3; true'
[[ $(nix-instantiate -A int --eval "./eval.nix") == 123 ]]