Don't let unprivileged users repair paths

author: Eelco Dolstra <eelco.dolstra@logicblox.com> 2015-06-02 02:21:54 +0200
committer: Eelco Dolstra <eelco.dolstra@logicblox.com> 2015-06-02 02:21:54 +0200
commit: d8ddf994e70f97994e0f1fbd382df93cd071b90f (patch)
tree: 34b8e835326a5de66d45a8eac6a50a33ae694c92 /src/nix-daemon/nix-daemon.cc
parent: 7106bb061149c70c30fb56aaa3530e5f9218ef92 (diff)
1 files changed, 9 insertions, 7 deletions
diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc
index b3552a972..ad8b0d133 100644
--- a/src/nix-daemon/nix-daemon.cc
+++ b/src/nix-daemon/nix-daemon.cc
@@ -520,13 +520,15 @@ static void performOp(bool trusted, unsigned int clientVersion,
         break;
 
     case wopVerifyStore: {
-	bool checkContents = readInt(from) != 0;
-	bool repair = readInt(from) != 0;
-	startWork();
-	bool errors = store->verifyStore(checkContents, repair);
-	stopWork();
-	writeInt(errors, to);
-	break;
+        bool checkContents = readInt(from) != 0;
+        bool repair = readInt(from) != 0;
+        startWork();
+        if (repair && !trusted)
+            throw Error("you are not privileged to repair paths");
+        bool errors = store->verifyStore(checkContents, repair);
+        stopWork();
+        writeInt(errors, to);
+        break;
     }
 
     default:
author	Eelco Dolstra <eelco.dolstra@logicblox.com>	2015-06-02 02:21:54 +0200
committer	Eelco Dolstra <eelco.dolstra@logicblox.com>	2015-06-02 02:21:54 +0200
commit	d8ddf994e70f97994e0f1fbd382df93cd071b90f (patch)
tree	34b8e835326a5de66d45a8eac6a50a33ae694c92 /src/nix-daemon/nix-daemon.cc
parent	7106bb061149c70c30fb56aaa3530e5f9218ef92 (diff)