/homeless-shelter -> /proc/homeless/shelter

This makes it so even root can't create $HOME, for example by running `mkdir -p $HOME/.cache/foo`.
2024-11-15 02:36:16 +02:00 · 2024-08-14 14:35:42 +03:00 · 2024-08-14 14:35:42 +03:00 · 77d84a8d8b
commit 77d84a8d8b
parent ea1f87ecda
2 changed files with 2 additions and 2 deletions
--- a/doc/manual/src/language/derivations.md
+++ b/doc/manual/src/language/derivations.md
@ -264,7 +264,7 @@ The [`builder`](#attr-builder) is executed as follows:
  - `PATH` is set to `/path-not-set` to prevent shells from
    initialising it to their built-in default value.

-  - `HOME` is set to `/homeless-shelter` to prevent programs from
+  - `HOME` is set to `/proc/homeless-shelter` to prevent programs from
    using `/etc/passwd` or the like to find the user's home
    directory, which could cause impurity. Usually, when `HOME` is
    set, it is used as the location of the home directory, even if
--- a/src/libstore/unix/build/local-derivation-goal.cc
+++ b/src/libstore/unix/build/local-derivation-goal.cc
@ -102,7 +102,7 @@ void handleDiffHook(
    }
 }

-const Path LocalDerivationGoal::homeDir = "/homeless-shelter";
+const Path LocalDerivationGoal::homeDir = "/proc/homeless-shelter";


 LocalDerivationGoal::~LocalDerivationGoal()