diff options
author | Jade Lovelace <lix@jade.fyi> | 2024-06-10 19:55:40 -0700 |
---|---|---|
committer | Jade Lovelace <lix@jade.fyi> | 2024-06-12 15:34:23 -0700 |
commit | 5f6eb6eb446d911228e830f45edb8ced8413bb58 (patch) | |
tree | 5f62581234bde47f9525da70950724526818392e /src/libfetchers | |
parent | d9345d8836d295a205eab19ce9e969bcc9a35b42 (diff) |
doc: rewrite the multi-user documentation to actually talk about security
It's in the security section, and it was totally outdated anyway.
I took the opportunity to write down the stuff we already believed.
Change-Id: I73e62ae85a82dad13ef846e31f377c3efce13cb0
Diffstat (limited to 'src/libfetchers')
-rw-r--r-- | src/libfetchers/fetch-settings.hh | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/libfetchers/fetch-settings.hh b/src/libfetchers/fetch-settings.hh index 2dc2834fb..6fb260c3a 100644 --- a/src/libfetchers/fetch-settings.hh +++ b/src/libfetchers/fetch-settings.hh @@ -87,7 +87,17 @@ struct FetchSettings : public Config {}, true, Xp::Flakes}; Setting<bool> acceptFlakeConfig{this, false, "accept-flake-config", - "Whether to accept nix configuration from a flake without prompting.", + R"( + Whether to accept Lix configuration from the `nixConfig` attribute of + a flake without prompting. This is almost always a very bad idea. + + Setting this setting as a trusted user allows Nix flakes to gain root + access on your machine if they set one of the several + trusted-user-only settings that execute commands as root. + + See [multi-user installations](@docroot@/installation/multi-user.md) + for more details on the Lix security model. + )", {}, true, Xp::Flakes}; Setting<std::string> commitLockFileSummary{ |