max/nix-super
1
0
Fork 0
mirror of https://github.com/privatevoid-net/nix-super.git synced 2024-09-20 08:28:06 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #9112 from fricklerhandwerk/restrict-eval-nix-path

Browse source 
describe the effect of `restrict-eval` in a more focused manner
This commit is contained in:
John Ericson 2023-10-09 11:07:21 -04:00 committed by GitHub
commit 3953901796
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/libexpr/eval-settings.hh
View file

@ -29,10 +29,12 @@ struct EvalSettings : Config
this, false, "restrict-eval",
R"(
If set to `true`, the Nix evaluator will not allow access to any
files outside of the Nix search path (as set via the `NIX_PATH`
environment variable or the `-I` option), or to URIs outside of
[`allowed-uris`](../command-ref/conf-file.md#conf-allowed-uris).
The default is `false`.
files outside of
[`builtins.nixPath`](@docroot@/language/builtin-constants.md#builtins-nixPath),
or to URIs outside of
[`allowed-uris`](@docroot@/command-ref/conf-file.md#conf-allowed-uris).
Also the default value for [`nix-path`](#conf-nix-path) is ignored, such that only explicitly set search path entries are taken into account.
)"};
Setting<bool> pureEval{this, false, "pure-eval",