mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2024-11-25 23:36:16 +02:00
Add a release note for the build-dir hardening
This commit is contained in:
parent
1d3696f0fb
commit
d99c868b04
1 changed files with 8 additions and 0 deletions
8
doc/manual/rl-next/harden-user-sandboxing.md
Normal file
8
doc/manual/rl-next/harden-user-sandboxing.md
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
synopsis: Harden the user sandboxing
|
||||||
|
significance: significant
|
||||||
|
issues:
|
||||||
|
prs: <only provided once merged>
|
||||||
|
---
|
||||||
|
|
||||||
|
The build directory has been hardened against interference with the outside world by nesting it inside another directory owned by (and only readable by) the daemon user.
|
Loading…
Reference in a new issue