lix-project/lix
20
57
Fork 31
Code Issues 349 Code Review (Gerrit) Projects 3 Releases Wiki Activity

Don't allow untrusted users to set info.ultimate

Browse source 
Note that a trusted signature was still required in this case so it
was not a huge deal.
This commit is contained in:
Eelco Dolstra 2017-05-11 13:58:09 +02:00
parent 6f245bf24a
commit 1a8e15053a
No known key found for this signature in database
GPG key ID: 8170B4726D7198DE
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/nix-daemon/nix-daemon.cc
View file

@ -621,6 +621,8 @@ static void performOp(ref<LocalStore> store, bool trusted, unsigned int clientVe
from >> info.ca >> repair >> dontCheckSigs;
if (!trusted && dontCheckSigs)
dontCheckSigs = false;
if (!trusted)
info.ultimate = false;
TeeSink tee(from);
parseDump(tee, tee.source);