lehmanator/lix
0
0
Fork 0
forked from lix-project/lix
Code Pull requests Activity
A modern, delicious implementation of the Nix package manager, focused on correctness, usability, and growth — and committed to doing right by its community
1391 commits 29 branches 5 tags 81 MiB
C++ 81.1%
Shell 8%
Nix 6.2%
Meson 1.8%
Python 1.3%
Other 1.6%
Find a file
Eelco Dolstra 765bdfe542 * When NIX_REMOTE is set to "slave", fork off nix-worker in slave 
mode.  Presumably nix-worker would be setuid to the Nix store user.
  The worker performs all operations on the Nix store and database, so
  the caller can be completely unprivileged.

  This is already much more secure than the old setuid scheme, since
  the worker doesn't need to do Nix expression evaluation and so on.
  Most importantly, this means that it doesn't need to access any user
  files, with all resulting security risks; it only performs pure
  store operations.

  Once this works, it is easy to move to a daemon model that forks off
  a worker for connections established through a Unix domain socket.
  That would be even more secure.
2006-11-30 19:54:43 +00:00
blacklisting * This is a better location to keep the blacklist, since it can evolve 2005-03-24 14:07:02 +00:00
corepkgs * Use "propagated-user-env-packages", not "propagated-build-inputs" 2006-09-25 15:11:59 +00:00
doc * Troubleshooting information on fixing a b0rked Berkeley DB database. 2006-11-30 11:24:10 +00:00
externals * Grrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr... 2006-11-14 19:18:52 +00:00
make * `dependencyClosure' now allows a search path, e.g., 2005-08-14 14:00:39 +00:00
misc * Finally, a real "let" syntax: `let x = ...; ... z = ...; in ...'. 2006-10-02 15:52:44 +00:00
scripts * Show more progress. 2006-11-18 19:03:45 +00:00
socket * Benchmarking Unix domain sockets. 2006-11-30 15:06:46 +00:00
src * When NIX_REMOTE is set to "slave", fork off nix-worker in slave 2006-11-30 19:54:43 +00:00
tests * Checks for allowedReferences and some other features. 2006-10-19 17:44:51 +00:00
aterm-gc.supp * New suppressions. 2006-03-01 15:40:01 +00:00
AUTHORS * Put something in here. 2004-11-07 20:30:02 +00:00
bootstrap.sh * Build dynamic libraries. 2005-07-22 14:52:45 +00:00
ChangeLog * Autoconf / Automake configuration and building. 2003-04-04 16:14:56 +00:00
configure.ac * Skeleton of the privileged worker program. 2006-11-30 19:19:59 +00:00
COPYING * Change this to LGPL to keep the government happy. 2006-04-25 16:41:06 +00:00
fix_setuid * Example script to set permissions for setuid operation. 2006-11-29 21:58:09 +00:00
INSTALL * Autoconf / Automake configuration and building. 2003-04-04 16:14:56 +00:00
Makefile.am * Remove --enable-setuid, --with-nix-user and --with-nix-group. 2006-11-29 21:06:58 +00:00
nix.conf.example * New configuration setting `build-max-jobs' which sets the default 2006-08-10 20:19:13 +00:00
nix.spec.in * Package the include directory. 2006-09-05 11:34:50 +00:00
README * Add SHA-256. 2005-01-14 12:03:04 +00:00
substitute.mk * Purify `make check'. 2006-07-21 13:21:43 +00:00

README 

For installation and usage instructions, please read the manual, which
can be found in `docs/manual/manual.html', and additionally at the Nix
website at <http://www.cs.uu.nl/groups/ST/Trace/Nix>.


Acknowledgments

This product includes software developed by the OpenSSL Project for
use in the OpenSSL Toolkit (http://www.OpenSSL.org/)