TakeV
/
guix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,391 Commits 102 Branches 35 Tags 561 MiB
Scheme 98%
C++ 1%
Shell 0.5%
Makefile 0.3%
Go to file
Eelco Dolstra 765bdfe542 * When NIX_REMOTE is set to "slave", fork off nix-worker in slave 
mode.  Presumably nix-worker would be setuid to the Nix store user.
  The worker performs all operations on the Nix store and database, so
  the caller can be completely unprivileged.

  This is already much more secure than the old setuid scheme, since
  the worker doesn't need to do Nix expression evaluation and so on.
  Most importantly, this means that it doesn't need to access any user
  files, with all resulting security risks; it only performs pure
  store operations.

  Once this works, it is easy to move to a daemon model that forks off
  a worker for connections established through a Unix domain socket.
  That would be even more secure.
 		2006-11-30 19:54:43 +00:00
blacklisting * This is a better location to keep the blacklist, since it can evolve 2005-03-24 14:07:02 +00:00
corepkgs * Use "propagated-user-env-packages", not "propagated-build-inputs" 2006-09-25 15:11:59 +00:00
doc * Troubleshooting information on fixing a b0rked Berkeley DB database. 2006-11-30 11:24:10 +00:00
externals * Grrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr... 2006-11-14 19:18:52 +00:00
make * `dependencyClosure' now allows a search path, e.g., 2005-08-14 14:00:39 +00:00
misc * Finally, a real "let" syntax: `let x = ...; ... z = ...; in ...'. 2006-10-02 15:52:44 +00:00
scripts * Show more progress. 2006-11-18 19:03:45 +00:00
socket * Benchmarking Unix domain sockets. 2006-11-30 15:06:46 +00:00
src * When NIX_REMOTE is set to "slave", fork off nix-worker in slave 2006-11-30 19:54:43 +00:00
tests * Checks for allowedReferences and some other features. 2006-10-19 17:44:51 +00:00
AUTHORS * Put something in here. 2004-11-07 20:30:02 +00:00
COPYING * Change this to LGPL to keep the government happy. 2006-04-25 16:41:06 +00:00
ChangeLog * Autoconf / Automake configuration and building. 2003-04-04 16:14:56 +00:00
INSTALL * Autoconf / Automake configuration and building. 2003-04-04 16:14:56 +00:00
Makefile.am * Remove --enable-setuid, --with-nix-user and --with-nix-group. 2006-11-29 21:06:58 +00:00
README * Add SHA-256. 2005-01-14 12:03:04 +00:00
aterm-gc.supp * New suppressions. 2006-03-01 15:40:01 +00:00
bootstrap.sh * Build dynamic libraries. 2005-07-22 14:52:45 +00:00
configure.ac * Skeleton of the privileged worker program. 2006-11-30 19:19:59 +00:00
fix_setuid * Example script to set permissions for setuid operation. 2006-11-29 21:58:09 +00:00
nix.conf.example * New configuration setting `build-max-jobs' which sets the default 2006-08-10 20:19:13 +00:00
nix.spec.in * Package the include directory. 2006-09-05 11:34:50 +00:00
substitute.mk * Purify `make check'. 2006-07-21 13:21:43 +00:00

README 

For installation and usage instructions, please read the manual, which
can be found in `docs/manual/manual.html', and additionally at the Nix
website at <http://www.cs.uu.nl/groups/ST/Trace/Nix>.


Acknowledgments

This product includes software developed by the OpenSSL Project for
use in the OpenSSL Toolkit (http://www.OpenSSL.org/)