lix-project/lix
20
55
Fork 31
Code Issues 345 Code Review (Gerrit) Projects 3 Releases Wiki Activity

Restrict the operations on drv outputs in recursive Nix

Browse source 
There's currently no way to properly filter them, so disallow them
altogether instead.
This commit is contained in:
regnat 2020-12-11 21:12:53 +01:00
parent bab1cda0e6
commit e9b39f6004
1 changed files with 6 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
src/libstore/build/derivation-goal.cc
View file

@ -2093,18 +2093,14 @@ struct RestrictedStore : public LocalFSStore, public virtual RestrictedStoreConf
} }
void registerDrvOutput(const Realisation & info) override void registerDrvOutput(const Realisation & info) override
{ // XXX: This should probably be allowed as a no-op if the realisation
// XXX: Should we check for something here? Probably, but I'm not sure // corresponds to an allowed derivation
// how { throw Error("registerDrvOutput"); }
next->registerDrvOutput(info);
}
std::optional<const Realisation> queryRealisation(const DrvOutput & id) override std::optional<const Realisation> queryRealisation(const DrvOutput & id) override
{ // XXX: This should probably be allowed if the realisation corresponds to
// XXX: Should we check for something here? Probably, but I'm not sure // an allowed derivation
// how { throw Error("queryRealisation"); }
return next->queryRealisation(id);
}
void buildPaths(const std::vector<StorePathWithOutputs> & paths, BuildMode buildMode) override void buildPaths(const std::vector<StorePathWithOutputs> & paths, BuildMode buildMode) override
{ {