aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libstore/sandbox-defaults.sb.in5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/libstore/sandbox-defaults.sb.in b/src/libstore/sandbox-defaults.sb.in
index 12c39fa7f..702f05602 100644
--- a/src/libstore/sandbox-defaults.sb.in
+++ b/src/libstore/sandbox-defaults.sb.in
@@ -35,7 +35,10 @@
(literal "/private/var/run/resolv.conf"))
; some builders use filehandles other than stdin/stdout
-(allow file* (subpath "/dev/fd"))
+(allow file*
+ (subpath "/dev/fd")
+ (literal "/dev/ptmx")
+ (regex #"^/dev/[pt]ty.*$"))
; allow everything inside TMP
(allow file* process-exec