puck/lix
0
0
Fork 0
forked from lix-project/lix
Code Pull requests Activity

OS X -> macOS

Browse source 
(cherry picked from commit c20641ce569dc1fdeaeaa147b0292f258667f53b)
This commit is contained in:
Eelco Dolstra 2017-06-12 14:04:52 +02:00
parent 1dcadadf74
commit a10951de08
No known key found for this signature in database
GPG key ID: 8170B4726D7198DE
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
doc/manual/release-notes/rl-1.11.10.xml
View file

@ -19,7 +19,7 @@ filter. Note that this imposes a small performance penalty (e.g. 1%
when building GNU Hello). Using seccomp, we now also prevent the when building GNU Hello). Using seccomp, we now also prevent the
creation of extended attributes and POSIX ACLs since these cannot be creation of extended attributes and POSIX ACLs since these cannot be
represented in the NAR format and (in the case of POSIX ACLs) allow represented in the NAR format and (in the case of POSIX ACLs) allow
bypassing regular Nix store permissions. On OS X, the restriction is bypassing regular Nix store permissions. On macOS, the restriction is
implemented using the existing sandbox mechanism, which now uses a implemented using the existing sandbox mechanism, which now uses a
minimal “allow all except the creation of setuid/setgid binaries” minimal “allow all except the creation of setuid/setgid binaries”
profile when regular sandboxing is disabled. On other platforms, the profile when regular sandboxing is disabled. On other platforms, the