forked from lix-project/lix
* computeStorePathForText: take the references into account when
computing the store path (NIX-77). This is an important security property in multi-user Nix stores. Note that this changes the store paths of derivations (since the derivation aterms are added using addTextToStore), but not most outputs (unless they use builtins.toFile).
This commit is contained in:
parent
c558b1583c
commit
b618fa6eb6
5 changed files with 18 additions and 6 deletions
|
@ -624,7 +624,7 @@ static Expr prim_toFile(EvalState & state, const ATermVector & args)
|
|||
}
|
||||
|
||||
Path storePath = readOnlyMode
|
||||
? computeStorePathForText(name, contents)
|
||||
? computeStorePathForText(name, contents, refs)
|
||||
: store->addTextToStore(name, contents, refs);
|
||||
|
||||
/* Note: we don't need to add `context' to the context of the
|
||||
|
|
|
@ -29,7 +29,7 @@ Path writeDerivation(const Derivation & drv, const string & name)
|
|||
string suffix = name + drvExtension;
|
||||
string contents = atPrint(unparseDerivation(drv));
|
||||
return readOnlyMode
|
||||
? computeStorePathForText(suffix, contents)
|
||||
? computeStorePathForText(suffix, contents, references)
|
||||
: store->addTextToStore(suffix, contents, references);
|
||||
}
|
||||
|
||||
|
|
|
@ -667,7 +667,7 @@ Path LocalStore::addToStore(const Path & _srcPath, bool fixed,
|
|||
Path LocalStore::addTextToStore(const string & suffix, const string & s,
|
||||
const PathSet & references)
|
||||
{
|
||||
Path dstPath = computeStorePathForText(suffix, s);
|
||||
Path dstPath = computeStorePathForText(suffix, s, references);
|
||||
|
||||
addTempRoot(dstPath);
|
||||
|
||||
|
|
|
@ -73,6 +73,8 @@ Path makeStorePath(const string & type,
|
|||
string s = type + ":sha256:" + printHash(hash) + ":"
|
||||
+ nixStore + ":" + suffix;
|
||||
|
||||
printMsg(lvlError, s);
|
||||
|
||||
checkStoreName(suffix);
|
||||
|
||||
return nixStore + "/"
|
||||
|
@ -114,10 +116,19 @@ std::pair<Path, Hash> computeStorePathForPath(const Path & srcPath,
|
|||
}
|
||||
|
||||
|
||||
Path computeStorePathForText(const string & suffix, const string & s)
|
||||
Path computeStorePathForText(const string & suffix, const string & s,
|
||||
const PathSet & references)
|
||||
{
|
||||
Hash hash = hashString(htSHA256, s);
|
||||
return makeStorePath("text", hash, suffix);
|
||||
/* Stuff the references (if any) into the type. This is a bit
|
||||
hacky, but we can't put them in `s' since that would be
|
||||
ambiguous. */
|
||||
string type = "text";
|
||||
for (PathSet::const_iterator i = references.begin(); i != references.end(); ++i) {
|
||||
type += ":";
|
||||
type += *i;
|
||||
}
|
||||
return makeStorePath(type, hash, suffix);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -215,7 +215,8 @@ std::pair<Path, Hash> computeStorePathForPath(const Path & srcPath,
|
|||
simply yield a different store path, so other users wouldn't be
|
||||
affected), but it has some backwards compatibility issues (the
|
||||
hashing scheme changes), so I'm not doing that for now. */
|
||||
Path computeStorePathForText(const string & suffix, const string & s);
|
||||
Path computeStorePathForText(const string & suffix, const string & s,
|
||||
const PathSet & references);
|
||||
|
||||
|
||||
/* Remove the temporary roots file for this process. Any temporary
|
||||
|
|
Loading…
Reference in a new issue