From 47f87072ad42338a9b6397a250abf2775d051d8e Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <e.dolstra@tudelft.nl>
Date: Thu, 9 Sep 2004 21:12:53 +0000
Subject: * A very dirty hack to make setuid installations a bit nicer to use. 
  Previously there was the problem that all files read by nix-env   etc.
 should be reachable and readable by the Nix user.  So for   instance building
 a Nix expression in your home directory meant that   the home directory
 should have at least g+x or o+x permission so   that the Nix user could reach
 the Nix expression.  Now we just   switch back to the original user just
 prior to reading sources and   the like.  The places where this happens are
 somewhat arbitrary,   however.  Any scope that has a live
 SwitchToOriginalUser object in   it is executed as the original user.

* Back out r1385.  setreuid() sets the saved uid to the new
  real/effective uid, which prevents us from switching back to the
  original uid.  setresuid() doesn't have this problem (although the
  manpage has a bug: specifying -1 for the saved uid doesn't leave it
  unchanged; an explicit value must be specified).
---
 src/libexpr/parser.cc | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/libexpr/parser.cc')

diff --git a/src/libexpr/parser.cc b/src/libexpr/parser.cc
index 90e008473048..763faacf7be3 100644
--- a/src/libexpr/parser.cc
+++ b/src/libexpr/parser.cc
@@ -106,6 +106,8 @@ static Expr parse(EvalState & state,
 
 Expr parseExprFromFile(EvalState & state, Path path)
 {
+    SwitchToOriginalUser sw;
+
     assert(path[0] == '/');
 
 #if 0
-- 
cgit 1.4.1