authorEelco Dolstra <e.dolstra@tudelft.nl>2005-10-17 16:59:25 +0000
committerEelco Dolstra <e.dolstra@tudelft.nl>2005-10-17 16:59:25 +0000
commit439823ae803444052442ad6ceb7191ba22cbc4cf (patch)
tree5a99fbaea5aa4c453e8806fa96ff18629dd36cff /src/libstore/build.cc
parent7ef574e5d0568a27a3f30b68af6d0a744aff90ff (diff)
* Check that the build result is owned by the build user, and that
nobody else has write permission to the build result. This catches most hack attempts.
Diffstat (limited to 'src/libstore/build.cc')
-rw-r--r--src/libstore/build.cc15
1 files changed, 13 insertions, 2 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index e0a7c6689..47d097921 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -1194,6 +1194,10 @@ void DerivationGoal::computeClosure()
% drvPath % path);
}
+ struct stat st;
+ if (lstat(path.c_str(), &st))
+ throw SysError(format("getting attributes of path `%1%'") % path);
+
startNest(nest, lvlTalkative,
format("scanning for references inside `%1%'") % path);
@@ -1214,8 +1218,6 @@ void DerivationGoal::computeClosure()
/* The output path should be a regular file without
execute permission. */
struct stat st;
- if (lstat(path.c_str(), &st))
- throw SysError(format("getting attributes of path `%1%'") % path);
if (!S_ISREG(st.st_mode) || (st.st_mode & S_IXUSR) != 0)
throw Error(
format("output path `%1% should be a non-executable regular file")
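Review bot: The `struct stat st;` kept at the top of this block now declares a second, uninitialised `st` that hides the one filled by the `lstat` call added in the first hunk, because this commit removes the only `lstat` that wrote to it. The `S_ISREG(st.st_mode)` / `S_IXUSR` test directly below therefore reads indeterminate data, so the regular-file, non-executable requirement on this output is no longer reliably enforced. Delete the inner `struct stat st;` so the test uses the outer variable. This assumes the block is a nested scope inside computeClosure, whose body starts and ends outside the hunk.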
@@ -1234,6 +1236,15 @@ void DerivationGoal::computeClosure()
% path % algo % printHash(h) % printHash(h2));
}
+ /* Check that the output is not group or world writable, as
+ that means that someone else can have interfered with the
+ build. Also, the output should be owned by the build
+ user. */
+ if ((st.st_mode & (S_IWGRP | S_IWOTH)) ||
+ (buildUser != 0 && st.st_uid != buildUser))
+ throw Error(format("suspicious ownership or permission on `%1%'; rejecting this build output") % path);
+
+ /* Get rid of all weird permissions. */
canonicalisePathMetaData(path);
/* For this output path, find the references to other paths contained
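Review bot: The new test `if ((st.st_mode & (S_IWGRP | S_IWOTH)) || ...` inspects only the `lstat` result for the top-level output path, so when the output is a directory, entries below it that are owned by another uid or writable by group/others are not rejected here. Whether `canonicalisePathMetaData` checks ownership while it walks the tree is not visible in this hunk; if it does not, the same test belongs in that walk. Because the data comes from `lstat`, an output that is itself a symlink is reported with mode 0777 on Linux and would be refused as suspicious, so the mode half should read `(!S_ISLNK(st.st_mode) && (st.st_mode & (S_IWGRP | S_IWOTH)))`. `st` was also filled before the reference scan in the first hunk, so it describes the path as it was then rather than at the point of the check. The rest of computeClosure lies outside the hunk.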