lix-project/lix
20
55
Fork 31
Code Issues 344 Code Review (Gerrit) Projects 3 Releases Wiki Activity

Restrict the operations on drv outputs in recursive Nix

Browse source 
There's currently no way to properly filter them, so disallow them
altogether instead.
This commit is contained in:
regnat 2020-12-11 21:12:53 +01:00
parent bab1cda0e6
commit e9b39f6004
1 changed files with 6 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
src/libstore/build/derivation-goal.cc
View file

@ -2093,18 +2093,14 @@ struct RestrictedStore : public LocalFSStore, public virtual RestrictedStoreConf
}
void registerDrvOutput(const Realisation & info) override
{
// XXX: Should we check for something here? Probably, but I'm not sure
// how
next->registerDrvOutput(info);
}
// XXX: This should probably be allowed as a no-op if the realisation
// corresponds to an allowed derivation
{ throw Error("registerDrvOutput"); }
std::optional<const Realisation> queryRealisation(const DrvOutput & id) override
{
// XXX: Should we check for something here? Probably, but I'm not sure
// how
return next->queryRealisation(id);
}
// XXX: This should probably be allowed if the realisation corresponds to
// an allowed derivation
{ throw Error("queryRealisation"); }
void buildPaths(const std::vector<StorePathWithOutputs> & paths, BuildMode buildMode) override
{