nix-super/src/libexpr
Eelco Dolstra b2027f70d9 * Fix a huuuuge security hole in the Nix daemon. It didn't check that
derivations added to the store by clients have "correct" output
  paths (meaning that the output paths are computed by hashing the
  derivation according to a certain algorithm).  This means that a
  malicious user could craft a special .drv file to build *any*
  desired path in the store with any desired contents (so long as the
  path doesn't already exist).  Then the attacker just needs to wait
  for a victim to come along and install the compromised path.

  For instance, if Alice (the attacker) knows that the latest Firefox
  derivation in Nixpkgs produces the path

    /nix/store/1a5nyfd4ajxbyy97r1fslhgrv70gj8a7-firefox-5.0.1

  then (provided this path doesn't already exist) she can craft a .drv
  file that creates that path (i.e., has it as one of its outputs),
  add it to the store using "nix-store --add", and build it with
  "nix-store -r".  So the fake .drv could write a Trojan to the
  Firefox path.  Then, if user Bob (the victim) comes along and does

    $ nix-env -i firefox
    $ firefox

  he executes the Trojan injected by Alice.

  The fix is to have the Nix daemon verify that derivation outputs are
  correct (in addValidPath()).  This required some refactoring to move
  the hash computation code to libstore.
2011-07-20 18:10:47 +00:00
..
attr-path.cc * Store attribute sets as a vector instead of a map (i.e. a red-black 2010-10-24 00:41:29 +00:00
attr-path.hh * Store Value nodes outside of attribute sets. I.e., Attr now stores 2010-10-22 14:47:42 +00:00
common-opts.cc * Keep attribute sets in sorted order to speed up attribute lookups. 2010-10-24 19:52:33 +00:00
common-opts.hh * Update autoCallFunction() and findAlongAttrPath(). 2010-04-07 15:47:06 +00:00
eval.cc * Allow a default value in attribute selection by writing 2011-07-13 12:19:57 +00:00
eval.hh * Fix a huuuuge security hole in the Nix daemon. It didn't check that 2011-07-20 18:10:47 +00:00
get-drvs.cc * Keep attribute sets in sorted order to speed up attribute lookups. 2010-10-24 19:52:33 +00:00
get-drvs.hh * DrvInfo contains pointers to expressions, so DrvInfos should be 2010-11-25 13:47:34 +00:00
lexer.l * Allow a default value in attribute selection by writing 2011-07-13 12:19:57 +00:00
Makefile.am Use $BDW_GC_LIBS instead of a custom variable. 2011-02-09 21:23:13 +00:00
names.cc * Export the nix-env derivation name parsing and version comparison 2008-07-01 10:10:32 +00:00
names.hh * Export the nix-env derivation name parsing and version comparison 2008-07-01 10:10:32 +00:00
nix.sdf First attempt to update Nix SDF grammar to match the actual bison grammar 2008-06-04 14:36:46 +00:00
nixexpr.cc * Allow a default value in attribute selection by writing 2011-07-13 12:19:57 +00:00
nixexpr.hh * Allow a default value in attribute selection by writing 2011-07-13 12:19:57 +00:00
parser.hh * Use a symbol table to represent identifiers and attribute names 2010-04-13 12:25:42 +00:00
parser.y * Allow attribute names to be strings. Based on the 2011-07-13 15:53:24 +00:00
primops.cc * Fix a huuuuge security hole in the Nix daemon. It didn't check that 2011-07-20 18:10:47 +00:00
symbol-table.hh * Store attribute sets as a vector instead of a map (i.e. a red-black 2010-10-24 00:41:29 +00:00
value-to-xml.cc * Keep attribute sets in sorted order to speed up attribute lookups. 2010-10-24 19:52:33 +00:00
value-to-xml.hh * Make sure that config.h is included before the system headers, 2010-10-04 17:55:38 +00:00