philiptaron/lix
0
0
Fork 0
forked from lix-project/lix
Code Pull requests Activity

Add a warning about the 'trusted-users' option

Browse source
This commit is contained in:
Eelco Dolstra 2017-11-21 18:49:52 +01:00
parent 4fcf44825f
commit 7536fe31dd
No known key found for this signature in database
GPG key ID: 8170B4726D7198DE
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
doc/manual/command-ref/conf-file.xml
View file

@ -543,11 +543,12 @@ password <replaceable>my-password</replaceable>
<literal>wheel</literal> group. The default is <literal>wheel</literal> group. The default is
<literal>root</literal>.</para> <literal>root</literal>.</para>
<warning><para>The users listed here have the ability to <warning><para>Adding a user to <option>trusted-users</option>
compromise the security of a multi-user Nix store. For instance, is essentially equivalent to giving that user root access to the
they could install Trojan horses subsequently executed by other system. For example, the user can set
users. So you should consider carefully whether to add users to <option>sandbox-paths</option> and thereby obtain read access to
this list.</para></warning> directories that are otherwise inacessible to
them.</para></warning>
</listitem> </listitem>