diff options
| author | Eelco Dolstra <e.dolstra@tudelft.nl> | 2003-08-22T20·12+0000 |
|---|---|---|
| committer | Eelco Dolstra <e.dolstra@tudelft.nl> | 2003-08-22T20·12+0000 |
| commit | a88144215c263e62528108dfae1e781058344ef2 (patch) | |
| tree | ff44455c3a5a5d4e6b3a556c78cc1511f7630378 /src/normalise.cc | |
| parent | 56b98c3857b89d4f81f0127c53cfce6d8e48a71f (diff) | |
* Remove write permission from output paths after they have been built.
* Point $HOME to a non-existing path when building to prevent certain tools (such as wget) from falling back on /etc/passwd to locate the home directory (which we don't want them to look at since it's not declared as an input).
Diffstat (limited to 'src/normalise.cc')
| -rw-r--r-- | src/normalise.cc | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/normalise.cc b/src/normalise.cc index 52437059a4e3..059b3c83a9ab 100644 --- a/src/normalise.cc +++ b/src/normalise.cc @@ -131,6 +131,14 @@ FSId normaliseFState(FSId id, FSIdSet pending) value. */ env["PATH"] = "/path-not-set"; + /* Set HOME to a non-existing path to prevent certain programs from using + /etc/passwd (or NIS, or whatever) to locate the home directory (for + example, wget looks for ~/.wgetrc). I.e., these tools use /etc/passwd + if HOME is not set, but they will just assume that the settings file + they are looking for does not exist if HOME is set but points to some + non-existing path. */ + env["HOME"] = "/homeless-shelter"; + /* Build the environment. */ for (StringPairs::iterator i = fs.derive.env.begin(); i != fs.derive.env.end(); i++) @@ -178,7 +186,8 @@ FSId normaliseFState(FSId id, FSIdSet pending) msg(lvlChatty, format("fast build succesful")); /* Check whether the output paths were created, and grep each - output path to determine what other paths it references. */ + output path to determine what other paths it references. Also make all + output paths read-only. */ StringSet usedPaths; for (DeriveOutputs::iterator i = fs.derive.outputs.begin(); i != fs.derive.outputs.end(); i++) @@ -188,10 +197,12 @@ FSId normaliseFState(FSId id, FSIdSet pending) throw Error(format("path `%1%' does not exist") % path); nfFS.slice.roots.insert(path); + makePathReadOnly(path); + /* For this output path, find the references to other paths contained in it. */ Strings refPaths = filterReferences(path, - Strings(allPaths.begin(), allPaths.end())); + Strings(allPaths.begin(), allPaths.end())); /* Construct a slice element for this output path. */ SliceElem elem; |