daemon: Require a signature for imports made by root.
This reinstates commitmasteraa0f8409
, which was inadvertently undone in commit322eeb87
. Running 'guix archive --import' as root would have let corrupt or unauthentic store items through. Reported by Eric Hanchrow <eric.hanchrow@gmail.com> at <http://bugs.gnu.org/21354>. * nix/nix-daemon/nix-daemon.cc (performOp) <wopImportPaths>: Pass true as the first argument to 'importPaths'.
parent
54e515eb75
commit
ef80ca96fa
|
@ -440,7 +440,10 @@ static void performOp(bool trusted, unsigned int clientVersion,
|
||||||
case wopImportPaths: {
|
case wopImportPaths: {
|
||||||
startWork();
|
startWork();
|
||||||
TunnelSource source(from);
|
TunnelSource source(from);
|
||||||
Paths paths = store->importPaths(!trusted, source);
|
|
||||||
|
/* Unlike Nix, always require a signature, even for "trusted"
|
||||||
|
users. */
|
||||||
|
Paths paths = store->importPaths(true, source);
|
||||||
stopWork();
|
stopWork();
|
||||||
writeStrings(paths, to);
|
writeStrings(paths, to);
|
||||||
break;
|
break;
|
||||||
|
|
Reference in New Issue