about summary refs log tree commit diff
path: root/src/libstore/sandbox-defaults.sb
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstore/sandbox-defaults.sb')
-rw-r--r--src/libstore/sandbox-defaults.sb2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/libstore/sandbox-defaults.sb b/src/libstore/sandbox-defaults.sb
index 0292f5ee8825..d63c8f813c9e 100644
--- a/src/libstore/sandbox-defaults.sb
+++ b/src/libstore/sandbox-defaults.sb
@@ -1,5 +1,7 @@
 (define TMPDIR (param "_GLOBAL_TMP_DIR"))
 
+(deny default)
+
 ; Disallow creating setuid/setgid binaries, since that
 ; would allow breaking build user isolation.
 (deny file-write-setugid)
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-08-26T07ยท14+0000