about summary refs log tree commit diff
path: root/src/nix-daemon
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2019-10-09T16·01+0200
committerEelco Dolstra <edolstra@gmail.com>2019-10-09T21·57+0200
commit65953789bcd73f098486b0a385b4e661c0ccda19 (patch)
tree92a0208f5a4455b89f9549b802dc0f063e64711f /src/nix-daemon
parent910b0fcc118cce3ade09f252da43fbe2436080e5 (diff)
Remove world-writability from per-user directories
'nix-daemon' now creates subdirectories for users when they first
connect.

Fixes #509 (CVE-2019-17365).
Should also fix #3127.

(cherry picked from commit 5a303093dcae1e5ce9212616ef18f2ca51020b0d)
Diffstat (limited to 'src/nix-daemon')
-rw-r--r--src/nix-daemon/nix-daemon.cc9
1 files changed, 6 insertions, 3 deletions
diff --git a/src/nix-daemon/nix-daemon.cc b/src/nix-daemon/nix-daemon.cc
index e88aaf636444..cd18489b0cdb 100644
--- a/src/nix-daemon/nix-daemon.cc
+++ b/src/nix-daemon/nix-daemon.cc
@@ -742,7 +742,8 @@ static void performOp(TunnelLogger * logger, ref<Store> store,
 }
 
 
-static void processConnection(bool trusted)
+static void processConnection(bool trusted,
+    const std::string & userName, uid_t userId)
 {
     MonitorFdHup monitor(from.fd);
 
@@ -793,6 +794,8 @@ static void processConnection(bool trusted)
         params["path-info-cache-size"] = "0";
         auto store = openStore(settings.storeUri, params);
 
+        store->createUser(userName, userId);
+
         tunnelLogger->stopWork();
         to.flush();
 
@@ -1053,7 +1056,7 @@ static void daemonLoop(char * * argv)
                 /* Handle the connection. */
                 from.fd = remote.get();
                 to.fd = remote.get();
-                processConnection(trusted);
+                processConnection(trusted, user, peer.uid);
 
                 exit(0);
             }, options);
@@ -1133,7 +1136,7 @@ static int _main(int argc, char * * argv)
                     }
                 }
             } else {
-                processConnection(true);
+                processConnection(true, "root", 0);
             }
         } else {
             daemonLoop(argv);