diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-01-08 16:39:07 +0100 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-01-08 16:39:07 +0100 |
commit | 27b7b94923d2f207781b438bb7a57669bddf7d2b (patch) | |
tree | 93f929dd2b506ae139776b637f71b202ed0bec30 /src/libstore/build.cc | |
parent | 128538ef06aa1075b82a1c559e11f6e445514858 (diff) |
Set /nix/store permission to 1737
I.e., not readable to the nixbld group. This improves purity a bit for
non-chroot builds, because it prevents a builder from enumerating
store paths (i.e. it can only access paths it knows about).
Diffstat (limited to 'src/libstore/build.cc')
-rw-r--r-- | src/libstore/build.cc | 15 |
1 files changed, 0 insertions, 15 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc index e73e4a4a3..5817611d4 100644 --- a/src/libstore/build.cc +++ b/src/libstore/build.cc @@ -1736,21 +1736,6 @@ void DerivationGoal::startBuilder() /* Change ownership of the temporary build directory. */ if (chown(tmpDir.c_str(), buildUser.getUID(), buildUser.getGID()) == -1) throw SysError(format("cannot change ownership of ‘%1%’") % tmpDir); - - /* Check that the Nix store has the appropriate permissions, - i.e., owned by root and mode 1775 (sticky bit on so that - the builder can create its output but not mess with the - outputs of other processes). */ - struct stat st; - if (stat(settings.nixStore.c_str(), &st) == -1) - throw SysError(format("cannot stat ‘%1%’") % settings.nixStore); - if (!(st.st_mode & S_ISVTX) || - ((st.st_mode & S_IRWXG) != S_IRWXG) || - (st.st_gid != buildUser.getGID())) - throw Error(format( - "builder does not have write permission to ‘%2%’; " - "try ‘chgrp %1% %2%; chmod 1775 %2%’") - % buildUser.getGID() % settings.nixStore); } |