Eelco Dolstra eba840c8a1 Linux sandbox: Use /build instead of /tmp as $TMPDIR ... There is a security issue when a build accidentally stores its $TMPDIR in some critical place, such as an RPATH. If TMPDIR=/tmp/nix-build-..., then any user on the system can recreate that directory and inject libraries into the RPATH of programs executed by other users. Since /build probably doesn't exist (or isn't world-writable), this mitigates the issue.		2017-05-04 16:57:03 +02:00
..
boost	Shut up some warnings	2017-04-14 14:42:20 +02:00
build-remote	build-remote: Fix fallback to other machines when connecting fails	2017-05-02 15:46:09 +02:00
buildenv	Fix Fedora build	2016-08-30 13:56:22 +02:00
libexpr	lexer: remove catch-all rules hiding real errors	2017-05-01 01:18:06 +02:00
libmain	Factor out --json	2017-04-24 14:21:36 +02:00
libstore	Linux sandbox: Use /build instead of /tmp as $TMPDIR	2017-05-04 16:57:03 +02:00
libutil	Fix build on gcc 4.9	2017-05-03 16:08:48 +02:00
nix	nix dump-path: Add	2017-05-04 14:21:22 +02:00
nix-build	nix-shell: Implement passAsFile	2017-05-03 15:01:15 +02:00
nix-channel	nix-channel: error out if direct tarball unpack fails.	2017-04-10 18:16:46 -04:00
nix-collect-garbage	printMsg(lvlError, ...) -> printError(...) etc.	2016-09-21 16:54:53 +02:00
nix-copy-closure	build-remote: Don't require signatures	2017-05-01 20:03:25 +02:00
nix-daemon	Suppress warning about ssh-auth-sock	2017-04-28 16:55:52 +02:00
nix-env	printMsg(lvlError, ...) -> printError(...) etc.	2016-09-21 16:54:53 +02:00
nix-instantiate	Allow setting the state directory as a store parameter	2016-06-02 16:02:48 +02:00
nix-prefetch-url	runProgram(): Distinguish between empty input and no input	2017-03-15 16:50:19 +01:00
nix-store	Doh	2017-04-26 17:58:09 +02:00
resolve-system-dependencies	printMsg(lvlError, ...) -> printError(...) etc.	2016-09-21 16:54:53 +02:00