Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2006-11-30 | * More remote operations. | Eelco Dolstra | 1 | -9/+51 | |
* Added new operation hasSubstitutes(), which is more efficient than querySubstitutes().size() > 0. | |||||
2006-11-30 | * More operations. | Eelco Dolstra | 1 | -1/+27 | |
2006-11-30 | * First remote operation: isValidPath(). | Eelco Dolstra | 1 | -2/+31 | |
2006-11-30 | * When NIX_REMOTE is set to "slave", fork off nix-worker in slave | Eelco Dolstra | 1 | -23/+12 | |
mode. Presumably nix-worker would be setuid to the Nix store user. The worker performs all operations on the Nix store and database, so the caller can be completely unprivileged. This is already much more secure than the old setuid scheme, since the worker doesn't need to do Nix expression evaluation and so on. Most importantly, this means that it doesn't need to access any user files, with all resulting security risks; it only performs pure store operations. Once this works, it is easy to move to a daemon model that forks off a worker for connections established through a Unix domain socket. That would be even more secure. | |||||
2006-11-30 | * Skeleton of the privileged worker program. | Eelco Dolstra | 2 | -0/+72 | |
* Some refactoring: put the NAR archive integer/string serialisation code in a separate file so it can be reused by the worker protocol implementation. |