Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nix
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: a8d13e66ee93
Choose a base ref
...
head repository: NixOS/nix
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 833aae45090e
Choose a head ref
  • 10 commits
  • 8 files changed
  • 1 contributor

Commits on Jun 1, 2017

  1. Add a seccomp filter to prevent creating setuid/setgid binaries 

    This prevents builders from setting the S_ISUID or S_ISGID bits,
preventing users from using a nixbld* user to create a setuid/setgid
binary to interfere with subsequent builds under the same nixbld* uid.

This is based on aszlig's seccomp code
(47f5877).

Reported by Linus Heckemann.

(cherry picked from commit 6cc6c15)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    e296b88 View commit details

  2. Fix seccomp initialisation on i686-linux 

    (cherry picked from commit cf93397)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    a2cf0f1 View commit details

  3. Add test for setuid seccomp filter 

    (cherry picked from commit 1d9ab27)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    17da82e View commit details

  4. Require seccomp only in multi-user setups 

    (cherry picked from commit ff6beca)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    1e0f1da View commit details

  5. canonicalisePathMetaData(): Remove extended attributes / ACLs 

    EAs/ACLs are not part of the NAR canonicalisation. Worse, setting an
ACL allows a builder to create writable files in the Nix store. So get
rid of them.

Closes #185.

(cherry picked from commit d798349)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    66618db View commit details

  6. Add a seccomp rule to disallow setxattr() 

    (cherry picked from commit 2ac99a3)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    634d117 View commit details

  7. Fix seccomp build failure on clang 

    Fixes

  src/libstore/build.cc:2321:45: error: non-constant-expression cannot be narrowed from type 'int' to 'scmp_datum_t' (aka 'unsigned long') in initializer list [-Wc++11-narrowing]

(cherry picked from commit fe08d17)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    4be5a65 View commit details

  8. Remove listxattr assertion 

    It appears that sometimes, listxattr() returns a different value for
the query case (i.e. when the buffer size is 0).

(cherry picked from commit 52fec8d)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    c48697d View commit details

  9. RPM, Deb: Add dependency on libseccomp 

    (cherry picked from commit ab5834f)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    aabe20b View commit details

  10. Fix coverage job 

    (cherry picked from commit b4b1f45)
    @edolstra
    edolstra committed Jun 1, 2017
    Copy the full SHA
    833aae4 View commit details
Loading