From 813a7c65c99951a946e8342713884d46af1f2966 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <e.dolstra@tudelft.nl>
Date: Thu, 7 Dec 2006 00:19:27 +0000
Subject: [PATCH] * Sanity check.

---
 src/libstore/build.cc | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index 53284c8903..b4eded1b9d 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -406,7 +406,7 @@ void UserLock::acquire()
         if (!pw)
             throw Error(format("the user `%1%' in the group `%2%' does not exist")
                 % *i % buildUsersGroup);
-
+        
         fnUserLock = (format("%1%/userpool/%2%") % nixStateDir % pw->pw_uid).str();
 
         if (lockedPaths.find(fnUserLock) != lockedPaths.end())
@@ -421,6 +421,12 @@ void UserLock::acquire()
             fdUserLock = fd.borrow();
             lockedPaths.insert(fnUserLock);
             uid = pw->pw_uid;
+
+            /* Sanity check... */
+            if (uid == getuid() || uid == geteuid())
+                throw Error(format("the Nix user should not be a member of `%1%'")
+                    % buildUsersGroup);
+            
             return;
         }
     }