depot - monorepo for the virus lounge

Age	Commit message (Collapse)	Author	Files	Lines
2011-08-31	* Eliminate all uses of the global variable ‘store’ from libstore.	Eelco Dolstra	1	-2/+6
	This should also fix: nix-instantiate: ./../boost/shared_ptr.hpp:254: T* boost::shared_ptr<T>::operator->() const [with T = nix::StoreAPI]: Assertion `px != 0' failed. which was caused by hashDerivationModulo() calling the ‘store’ object (during store upgrades) before openStore() assigned it.
2011-07-20	* Fix a huuuuge security hole in the Nix daemon. It didn't check that	Eelco Dolstra	1	-1/+12
	derivations added to the store by clients have "correct" output paths (meaning that the output paths are computed by hashing the derivation according to a certain algorithm). This means that a malicious user could craft a special .drv file to build any desired path in the store with any desired contents (so long as the path doesn't already exist). Then the attacker just needs to wait for a victim to come along and install the compromised path. For instance, if Alice (the attacker) knows that the latest Firefox derivation in Nixpkgs produces the path /nix/store/1a5nyfd4ajxbyy97r1fslhgrv70gj8a7-firefox-5.0.1 then (provided this path doesn't already exist) she can craft a .drv file that creates that path (i.e., has it as one of its outputs), add it to the store using "nix-store --add", and build it with "nix-store -r". So the fake .drv could write a Trojan to the Firefox path. Then, if user Bob (the victim) comes along and does $ nix-env -i firefox $ firefox he executes the Trojan injected by Alice. The fix is to have the Nix daemon verify that derivation outputs are correct (in addValidPath()). This required some refactoring to move the hash computation code to libstore.
2010-05-12	* Sync with the trunk.	Eelco Dolstra	1	-10/+5

2010-04-19	* Don't use the ATerm library for parsing/printing .drv files.	Eelco Dolstra	1	-8/+3

2010-03-02	* When using the included sqlite/aterm libraries, build with	Eelco Dolstra	1	-1/+1
	--enable-shared. * In libutil/libstore/libexpr etc., link against sqlite and aterm. * Some more header file hygiene.
2009-12-16	* Build correctly against newer ATerm releases. Fixes "error: 'union'	Eelco Dolstra	1	-1/+1
	tag used in naming 'struct _ATerm'".
2006-09-04	* Remove unnecessary inclusions of aterm2.h.	Eelco Dolstra	1	-1/+2

2006-09-04	* Use a proper namespace.	Eelco Dolstra	1	-4/+12
	* Optimise header file usage a bit. * Compile the parser as C++.
2005-01-20	* Another change to low-level derivations. The last one this year, I	Eelco Dolstra	1	-1/+6
	promise :-) This allows derivations to specify on what output paths of input derivations they are dependent. This helps to prevent unnecessary downloads. For instance, a build might be dependent on the `devel' and `lib' outputs of some library component, but not the `docs' output.
2005-01-19	* Renamed `normalise.cc' -> `build.cc', `storeexprs.cc' ->	Eelco Dolstra	1	-0/+62
	`derivations.cc', etc. * Store the SHA-256 content hash of store paths in the database after they have been built/added. This is so that we can check whether the store has been messed with (a la `rpm --verify'). * When registering path validity, verify that the closure property holds.