| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2021-06-01 | Check the CA hash when importing stuff in the local store | regnat | |
| When adding a path to the local store (via `LocalStore::addToStore`), ensure that the `ca` field of the provided `ValidPathInfo` does indeed correspond to the content of the path. Otherwise any untrusted user (or any binary cache) can add arbitrary content-addressed paths to the store (as content-addressed paths don’t need a signature). | |||
 |
index : lix | |
| User & |
| aboutsummaryrefslogtreecommitdiff |