maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

* Set the umask to known value (0022). This is important in a

Browse source 
setuid installation, since the calling user may have a more fascist
  umask (say, 0077), which would cause the store objects built by Nix
  to be unreadable to anyone other than the Nix user.
This commit is contained in:
Eelco Dolstra 2004-09-09 14:16:02 +00:00
parent 550d960586
commit e043fc7d0b
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/libmain/shared.cc
View file

@ -91,6 +91,12 @@ static void initAndRun(int argc, char * * argv)
if (sigaction(SIGPIPE, &act, &oact)) if (sigaction(SIGPIPE, &act, &oact))
throw SysError("ignoring SIGPIPE"); throw SysError("ignoring SIGPIPE");
/* There is no privacy in the Nix system ;-) At least not for
now. In particular, store objects should be readable by
everybody. This prevents nasty surprises when using a shared
store (with the setuid() hack). */
umask(0022);
/* Process the NIX_LOG_TYPE environment variable. */ /* Process the NIX_LOG_TYPE environment variable. */
string lt = getEnv("NIX_LOG_TYPE"); string lt = getEnv("NIX_LOG_TYPE");
if (lt != "") setLogType(lt); if (lt != "") setLogType(lt);