Don't resolve symlinks while checking __impureHostDeps
Since these come from untrusted users, we shouldn't do any I/O on them before we've checked that they're in an allowed prefix.
parent
f1151a3373
commit
100961e370
1 changed files with 5 additions and 2 deletions
|
@ -1784,10 +1784,13 @@ void DerivationGoal::startBuilder()
|
||||||
|
|
||||||
for (auto & i : impurePaths) {
|
for (auto & i : impurePaths) {
|
||||||
bool found = false;
|
bool found = false;
|
||||||
Path canonI = canonPath(i, true);
|
/* Note: we're not resolving symlinks here to prevent
|
||||||
|
giving a non-root user info about inaccessible
|
||||||
|
files. */
|
||||||
|
Path canonI = canonPath(i);
|
||||||
/* If only we had a trie to do this more efficiently :) luckily, these are generally going to be pretty small */
|
/* If only we had a trie to do this more efficiently :) luckily, these are generally going to be pretty small */
|
||||||
for (auto & a : allowedPaths) {
|
for (auto & a : allowedPaths) {
|
||||||
Path canonA = canonPath(a, true);
|
Path canonA = canonPath(a);
|
||||||
if (canonI == canonA || isInDir(canonI, canonA)) {
|
if (canonI == canonA || isInDir(canonI, canonA)) {
|
||||||
found = true;
|
found = true;
|
||||||
break;
|
break;
|
||||||
|
|
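Review bot: The prefix test on `canonI` is now purely lexical, so passing it no longer shows where the path actually leads: `canonPath(i)` folds `.` and `..` textually and leaves symlinks in place, whereas the filesystem resolves symlinks before applying `..`. The code that consumes the path after the loop is outside this hunk; if it goes on using `i` rather than `canonI`, or follows symlinks when exposing the path to the build, an entry accepted here may end up referring to a location outside every allowed prefix. That later step should work from `canonI` and, once the prefix check has passed and I/O is permitted, confirm that the resolved target is still under an allowed prefix. The new comment would also be clearer if it said so directly, for example `/* Lexical check only: symlinks are not resolved here, so the resolved target must be validated before use. */`, and noted that `allowedPaths` entries are now compared by spelling too, so an allowed prefix that is itself a symlink no longer matches its target.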