Only add the importNative primop if the allow-arbitrary-code-during-evaluation option is true (default false)

src/libexpr/primops.cc

@@ -1368,7 +1368,8 @@ void EvalState::createBaseEnv()
     mkApp(v, *baseEnv.values[baseEnvDispl - 1], *v2);
     forceValue(v);
     addConstant("import", v);
-    addPrimOp("__importNative", 2, prim_importNative);
+    if (settings.enableImportNative)
+        addPrimOp("__importNative", 2, prim_importNative);
     addPrimOp("__typeOf", 1, prim_typeOf);
     addPrimOp("isNull", 1, prim_isNull);
     addPrimOp("__isFunction", 1, prim_isFunction);

src/libstore/globals.cc

@@ -61,6 +61,7 @@ Settings::Settings()
     envKeepDerivations = false;
     lockCPU = getEnv("NIX_AFFINITY_HACK", "1") == "1";
     showTrace = false;
+    enableImportNative = false;
 }
 
 
@@ -148,6 +149,7 @@ void Settings::update()
     get(sshSubstituterHosts, "ssh-substituter-hosts");
     get(useSshSubstituter, "use-ssh-substituter");
     get(logServers, "log-servers");
+    get(enableImportNative, "allow-arbitrary-code-during-evaluation");
 
     string subs = getEnv("NIX_SUBSTITUTERS", "default");
     if (subs == "default") {

src/libstore/globals.hh

@@ -200,6 +200,9 @@ struct Settings {
     /* A list of URL prefixes that can return Nix build logs. */
     Strings logServers;
 
+    /* Whether the importNative primop should be enabled */
+    bool enableImportNative;
+
 private:
     SettingsMap settings, overrides;