aboutsummaryrefslogtreecommitdiff
path: root/src/nix
diff options
context:
space:
mode:
authorYorick van Pelt <yorick@yorickvanpelt.nl>2022-05-24 16:26:40 +0200
committerYorick van Pelt <yorick@yorickvanpelt.nl>2022-05-24 16:26:40 +0200
commitcbf60bec6ff900e6759b439b782c8cef163b3046 (patch)
tree077f7a5257c2dcd0f0034106b025906d69f702a0 /src/nix
parent4f98bc29ffe5d7007eb919ae4dbbe0adc4a07745 (diff)
configure.ac: check for sandbox-shell's FEATURE_SH_STANDALONE
See also: https://bugs.archlinux.org/task/73998. Busybox's FEATURE_SH_STANDALONE feature causes other busybox applets to leak into the sandbox, where system() calls will start preferring them over tools in $PATH. On arch, this even includes `ar`. Let's check for this evil feature and disallow using this as a sandbox shell.
Diffstat (limited to 'src/nix')
0 files changed, 0 insertions, 0 deletions