max/nix-super
1
0
Fork 0
mirror of https://github.com/privatevoid-net/nix-super.git synced 2024-11-26 15:56:18 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

describe the effect of restrict-eval in a more focused manner

Browse source
This commit is contained in:
Valentin Gagarin 2023-10-07 03:20:20 +02:00
parent 61720d0035
commit 2fe1ccf797
1 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/libexpr/eval-settings.hh
View file

@ -29,10 +29,12 @@ struct EvalSettings : Config
this, false, "restrict-eval", this, false, "restrict-eval",
R"( R"(
If set to `true`, the Nix evaluator will not allow access to any If set to `true`, the Nix evaluator will not allow access to any
files outside of the Nix search path (as set via the `NIX_PATH` files outside of
environment variable or the `-I` option), or to URIs outside of [`builtins.nixPath`](@docroot@/language/builtin-constants.md#builtins-nixPath),
[`allowed-uris`](../command-ref/conf-file.md#conf-allowed-uris). or to URIs outside of
The default is `false`. [`allowed-uris`](@docroot@/command-ref/conf-file.md#conf-allowed-uris).
Also the default value for [`nix-path`](#conf-nix-path) is ignored, such that only explicitly set search path entries are taken into account.
)"}; )"};
Setting<bool> pureEval{this, false, "pure-eval", Setting<bool> pureEval{this, false, "pure-eval",