* computeStorePathForText: take the references into account when

computing the store path (NIX-77).  This is an important security
  property in multi-user Nix stores.

  Note that this changes the store paths of derivations (since the
  derivation aterms are added using addTextToStore), but not most
  outputs (unless they use builtins.toFile).
This commit is contained in:
Eelco Dolstra 2007-01-29 15:51:37 +00:00
parent c558b1583c
commit b618fa6eb6
5 changed files with 18 additions and 6 deletions

View file

@ -624,7 +624,7 @@ static Expr prim_toFile(EvalState & state, const ATermVector & args)
} }
Path storePath = readOnlyMode Path storePath = readOnlyMode
? computeStorePathForText(name, contents) ? computeStorePathForText(name, contents, refs)
: store->addTextToStore(name, contents, refs); : store->addTextToStore(name, contents, refs);
/* Note: we don't need to add `context' to the context of the /* Note: we don't need to add `context' to the context of the

View file

@ -29,7 +29,7 @@ Path writeDerivation(const Derivation & drv, const string & name)
string suffix = name + drvExtension; string suffix = name + drvExtension;
string contents = atPrint(unparseDerivation(drv)); string contents = atPrint(unparseDerivation(drv));
return readOnlyMode return readOnlyMode
? computeStorePathForText(suffix, contents) ? computeStorePathForText(suffix, contents, references)
: store->addTextToStore(suffix, contents, references); : store->addTextToStore(suffix, contents, references);
} }

View file

@ -667,7 +667,7 @@ Path LocalStore::addToStore(const Path & _srcPath, bool fixed,
Path LocalStore::addTextToStore(const string & suffix, const string & s, Path LocalStore::addTextToStore(const string & suffix, const string & s,
const PathSet & references) const PathSet & references)
{ {
Path dstPath = computeStorePathForText(suffix, s); Path dstPath = computeStorePathForText(suffix, s, references);
addTempRoot(dstPath); addTempRoot(dstPath);

View file

@ -73,6 +73,8 @@ Path makeStorePath(const string & type,
string s = type + ":sha256:" + printHash(hash) + ":" string s = type + ":sha256:" + printHash(hash) + ":"
+ nixStore + ":" + suffix; + nixStore + ":" + suffix;
printMsg(lvlError, s);
checkStoreName(suffix); checkStoreName(suffix);
return nixStore + "/" return nixStore + "/"
@ -114,10 +116,19 @@ std::pair<Path, Hash> computeStorePathForPath(const Path & srcPath,
} }
Path computeStorePathForText(const string & suffix, const string & s) Path computeStorePathForText(const string & suffix, const string & s,
const PathSet & references)
{ {
Hash hash = hashString(htSHA256, s); Hash hash = hashString(htSHA256, s);
return makeStorePath("text", hash, suffix); /* Stuff the references (if any) into the type. This is a bit
hacky, but we can't put them in `s' since that would be
ambiguous. */
string type = "text";
for (PathSet::const_iterator i = references.begin(); i != references.end(); ++i) {
type += ":";
type += *i;
}
return makeStorePath(type, hash, suffix);
} }

View file

@ -215,7 +215,8 @@ std::pair<Path, Hash> computeStorePathForPath(const Path & srcPath,
simply yield a different store path, so other users wouldn't be simply yield a different store path, so other users wouldn't be
affected), but it has some backwards compatibility issues (the affected), but it has some backwards compatibility issues (the
hashing scheme changes), so I'm not doing that for now. */ hashing scheme changes), so I'm not doing that for now. */
Path computeStorePathForText(const string & suffix, const string & s); Path computeStorePathForText(const string & suffix, const string & s,
const PathSet & references);
/* Remove the temporary roots file for this process. Any temporary /* Remove the temporary roots file for this process. Any temporary