diff options
| author | Vincent Ambo <mail@tazj.in> | 2022-05-18T15·39+0200 |
|---|---|---|
| committer | clbot <clbot@tvl.fyi> | 2022-05-19T14·08+0000 |
| commit | d127f9bd0e7b9b2e0df2de8a2227f77c0907468d (patch) | |
| tree | 68455040d88b8e0c2817601db88ede450873ff8e /third_party/nix/doc/manual/release-notes/rl-1.11.10.xml | |
| parent | c85291c602ac666421627d6934ebc6d5be1b93e1 (diff) | |
chore(3p/nix): unvendor tvix 0.1 r/4098
Nothing is using this now, and we'll likely never pick this up again, but we learned a lot in the process. Every now and then this breaks in some bizarre way on channel bumps and it's just a waste of time to maintain that. Change-Id: Idcf2f5acd4ca7070ce18d7149cbfc0d967dc0a44 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5632 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: lukegb <lukegb@tvl.fyi> Autosubmit: tazjin <tazjin@tvl.su>
Diffstat (limited to 'third_party/nix/doc/manual/release-notes/rl-1.11.10.xml')
| -rw-r--r-- | third_party/nix/doc/manual/release-notes/rl-1.11.10.xml | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/third_party/nix/doc/manual/release-notes/rl-1.11.10.xml b/third_party/nix/doc/manual/release-notes/rl-1.11.10.xml deleted file mode 100644 index 415388b3e2d1..000000000000 --- a/third_party/nix/doc/manual/release-notes/rl-1.11.10.xml +++ /dev/null @@ -1,31 +0,0 @@ -<section xmlns="http://docbook.org/ns/docbook" - xmlns:xlink="http://www.w3.org/1999/xlink" - xmlns:xi="http://www.w3.org/2001/XInclude" - version="5.0" - xml:id="ssec-relnotes-1.11.10"> - -<title>Release 1.11.10 (2017-06-12)</title> - -<para>This release fixes a security bug in Nix’s “build user” build -isolation mechanism. Previously, Nix builders had the ability to -create setuid binaries owned by a <literal>nixbld</literal> -user. Such a binary could then be used by an attacker to assume a -<literal>nixbld</literal> identity and interfere with subsequent -builds running under the same UID.</para> - -<para>To prevent this issue, Nix now disallows builders to create -setuid and setgid binaries. On Linux, this is done using a seccomp BPF -filter. Note that this imposes a small performance penalty (e.g. 1% -when building GNU Hello). Using seccomp, we now also prevent the -creation of extended attributes and POSIX ACLs since these cannot be -represented in the NAR format and (in the case of POSIX ACLs) allow -bypassing regular Nix store permissions. On macOS, the restriction is -implemented using the existing sandbox mechanism, which now uses a -minimal “allow all except the creation of setuid/setgid binaries” -profile when regular sandboxing is disabled. On other platforms, the -“build user” mechanism is now disabled.</para> - -<para>Thanks go to Linus Heckemann for discovering and reporting this -bug.</para> - -</section> |