Merge pull request #11300 from noamraph/homeless-shelter-to-proc

Make $HOME=/proc/homeless-shelter instead of /homeless-shelter

doc/manual/src/language/derivations.md

@@ -264,7 +264,8 @@ The [`builder`](#attr-builder) is executed as follows:
   - `PATH` is set to `/path-not-set` to prevent shells from
     initialising it to their built-in default value.
 
-  - `HOME` is set to `/homeless-shelter` to prevent programs from
+  - `HOME` is set to `/proc/homeless-shelter` on Linux and `/homeless-shelter`
+    on OSX, to prevent programs from
     using `/etc/passwd` or the like to find the user's home
     directory, which could cause impurity. Usually, when `HOME` is
     set, it is used as the location of the home directory, even if

src/libstore/unix/build/local-derivation-goal.cc

@@ -102,7 +102,14 @@ void handleDiffHook(
     }
 }
 
+// We want $HOME to be un-creatable in the sandbox. On Linux,
+// you can't create anything inside /proc since it's a virtual filesystem.
+// On Darwin it seems that `/homeless-shelter` is good enough.
+#if __linux__
+const Path LocalDerivationGoal::homeDir = "/proc/homeless-shelter";
+#else
 const Path LocalDerivationGoal::homeDir = "/homeless-shelter";
+#endif
 
 
 LocalDerivationGoal::~LocalDerivationGoal()