aboutsummaryrefslogtreecommitdiff
path: root/src/nix/flake-check.md
diff options
context:
space:
mode:
authorregnat <rg@regnat.ovh>2021-05-27 13:25:25 +0200
committerEelco Dolstra <edolstra@gmail.com>2021-06-01 15:09:24 +0200
commit5985b8b5275605ddd5e92e2f0a7a9f494ac6e35d (patch)
treed44bdb69d99952539e01570f2f6dc95ef5e714d8 /src/nix/flake-check.md
parent48396d940ee0f68080cfe99544a50a884b30fea6 (diff)
Check the CA hash when importing stuff in the local store
When adding a path to the local store (via `LocalStore::addToStore`), ensure that the `ca` field of the provided `ValidPathInfo` does indeed correspond to the content of the path. Otherwise any untrusted user (or any binary cache) can add arbitrary content-addressed paths to the store (as content-addressed paths don’t need a signature).
Diffstat (limited to 'src/nix/flake-check.md')
0 files changed, 0 insertions, 0 deletions