Prevent accidental recursive Nix

author: Eelco Dolstra <edolstra@gmail.com> 2018-02-07T18·07+0100
committer: Eelco Dolstra <edolstra@gmail.com> 2018-02-07T18·07+0100
commit: 88b5d0c8e89afefbc547b6243c5aa5a3ec8176e9 (patch)
tree: 5456cbce6f715f180cd20539ad4fe1446261dd3c
parent: 48c192ca2d5bc65b69d2336c8577258f8eb80cf8 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc
index b5d49b6428ac..0e5ff370cf74 100644
--- a/src/nix-daemon/nix-daemon.cc
+++ b/src/nix-daemon/nix-daemon.cc
@@ -994,7 +994,7 @@ static void daemonLoop(char * * argv)
             if (matchUser(user, group, trustedUsers))
                 trusted = true;
 
-            if (!trusted && !matchUser(user, group, allowedUsers))
+            if ((!trusted && !matchUser(user, group, allowedUsers)) || group == "nixbld")
                 throw Error(format("user '%1%' is not allowed to connect to the Nix daemon") % user);
 
             printInfo(format((string) "accepted connection from pid %1%, user %2%" + (trusted ? " (trusted)" : ""))
author	Eelco Dolstra <edolstra@gmail.com>	2018-02-07T18·07+0100
committer	Eelco Dolstra <edolstra@gmail.com>	2018-02-07T18·07+0100
commit	88b5d0c8e89afefbc547b6243c5aa5a3ec8176e9 (patch)
tree	5456cbce6f715f180cd20539ad4fe1446261dd3c
parent	48c192ca2d5bc65b69d2336c8577258f8eb80cf8 (diff)