nrabulinski/lix
0
0
Fork 0
forked from lix-project/lix
Code Pull requests Activity

Verify $HOME is owned by current user in getHome(), if it exists.

Browse source 
Useful because a default `sudo` on darwin doesn't clear `$HOME`, so things like `sudo nix-channel --list`
will surprisingly return the USER'S channels, rather than `root`'s.

Other counterintuitive outcomes can be seen in this PR description:
  https://github.com/NixOS/nix/pull/6622
This commit is contained in:
Dave Nicponski 2022-06-15 16:38:56 -04:00
parent 9f58df4c91
commit ca2be509b9
1 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
src/libutil/util.cc
View file

@ -574,6 +574,20 @@ Path getHome()
static Path homeDir = []()
{
auto homeDir = getEnv("HOME");
if (homeDir) {
// Only use $HOME if doesn't exist or is owned by the current user.
struct stat st;
int result = stat(homeDir->c_str(), &st);
if (result != 0) {
if (errno != ENOENT) {
warn("Couldn't stat $HOME ('%s') for reason other than not existing ('%d'), falling back to the one defined in the 'passwd' file", *homeDir, errno);
homeDir.reset();
}
} else if (st.st_uid != geteuid()) {
warn("$HOME ('%s') is not owned by you, falling back to the one defined in the 'passwd' file", *homeDir);
homeDir.reset();
}
}
if (!homeDir) {
std::vector<char> buf(16384);
struct passwd pwbuf;