nix run: Set a reasonable uid/gid

author: Eelco Dolstra <eelco.dolstra@logicblox.com> 2016-06-02T17·04+0200
committer: Eelco Dolstra <eelco.dolstra@logicblox.com> 2016-06-02T17·04+0200
commit: f8a8b4d8f8a694d4eacca52d92b3538dfbdf9b95 (patch)
tree: 12ecb15125ed222eaf79baee6d25300bc501013e /src/nix
parent: d64e0c1b64dc20b02fae335397213d1ca17d9d56 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/src/nix/run.cc b/src/nix/run.cc
index 00af5bb183..a30031ad07 100644
--- a/src/nix/run.cc
+++ b/src/nix/run.cc
@@ -50,6 +50,9 @@ struct CmdRun : StoreCommand, MixInstallables
 
         if (store2 && store->storeDir != store2->realStoreDir) {
 #if __linux__
+            uid_t uid = getuid();
+            uid_t gid = getgid();
+
             if (unshare(CLONE_NEWUSER | CLONE_NEWNS) == -1)
                 throw SysError("setting up a private mount namespace");
 
@@ -91,6 +94,10 @@ struct CmdRun : StoreCommand, MixInstallables
             } else
                 if (mount(store2->realStoreDir.c_str(), store->storeDir.c_str(), "", MS_BIND, 0) == -1)
                     throw SysError(format("mounting ‘%s’ on ‘%s’") % store2->realStoreDir % store->storeDir);
+
+            writeFile("/proc/self/setgroups", "deny");
+            writeFile("/proc/self/uid_map", (format("%d %d %d") % uid % uid % 1).str());
+            writeFile("/proc/self/gid_map", (format("%d %d %d") % gid % gid % 1).str());
 #else
             throw Error(format("mounting the Nix store on ‘%s’ is not supported on this platform") % store->storeDir);
 #endif
author	Eelco Dolstra <eelco.dolstra@logicblox.com>	2016-06-02T17·04+0200
committer	Eelco Dolstra <eelco.dolstra@logicblox.com>	2016-06-02T17·04+0200
commit	f8a8b4d8f8a694d4eacca52d92b3538dfbdf9b95 (patch)
tree	12ecb15125ed222eaf79baee6d25300bc501013e /src/nix
parent	d64e0c1b64dc20b02fae335397213d1ca17d9d56 (diff)