about summary refs log tree commit diff
path: root/third_party/nix/src
diff options
context:
space:
mode:
authorVincent Ambo <mail@tazj.in>2020-08-06T01·54+0100
committertazjin <mail@tazj.in>2020-08-06T02·20+0000
commita41c3dedb18201aa689206079e203f41c9bef389 (patch)
tree50a38376a89c0d182a359d9cb4b81b34b2673148 /third_party/nix/src
parent820a4fd46d4adfdf628b95a27b6cb2d1b6add0ad (diff)
chore(tvix): Disable sandboxing by default until its time comes r/1609
Change-Id: Ifcc776841924abcb43fb115f3de569fe500756c8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1682
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
Diffstat (limited to 'third_party/nix/src')
-rw-r--r--third_party/nix/src/libstore/globals.hh23
1 files changed, 8 insertions, 15 deletions
diff --git a/third_party/nix/src/libstore/globals.hh b/third_party/nix/src/libstore/globals.hh
index 7799ff28502f..54defff06bd1 100644
--- a/third_party/nix/src/libstore/globals.hh
+++ b/third_party/nix/src/libstore/globals.hh
@@ -243,21 +243,14 @@ class Settings : public Config {
       this, false, "show-trace",
       "Whether to show a stack trace on evaluation errors."};
 
-  Setting<SandboxMode> sandboxMode {
-    this,
-#if __linux__
-        smEnabled
-#else
-        smDisabled
-#endif
-        ,
-        "sandbox",
-        "Whether to enable sandboxed builds. Can be \"true\", \"false\" or "
-        "\"relaxed\".",
-    {
-      "build-use-chroot", "build-use-sandbox"
-    }
-  };
+  Setting<SandboxMode> sandboxMode{
+      this,
+      // TODO(tazjin): Turn sandboxing back on once it is time.
+      smDisabled,
+      "sandbox",
+      "Whether to enable sandboxed builds. Can be \"true\", \"false\" or "
+      "\"relaxed\".",
+      {"build-use-chroot", "build-use-sandbox"}};
 
   Setting<PathSet> sandboxPaths{
       this,