From 109f6449cc782efae84f71bc68fe5ead1c752e3e Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Fri, 17 Oct 2025 20:23:20 +0200
Subject: [PATCH] nix store dump-path: Refuse to write NARs to the terminal

---
 src/nix/dump-path.cc | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/nix/dump-path.cc b/src/nix/dump-path.cc
index 8475655e9..f375b0ac8 100644
--- a/src/nix/dump-path.cc
+++ b/src/nix/dump-path.cc
@@ -4,6 +4,14 @@
 
 using namespace nix;
 
+static FdSink getNarSink()
+{
+    auto fd = getStandardOutput();
+    if (isatty(fd))
+        throw UsageError("refusing to write NAR to a terminal");
+    return FdSink(std::move(fd));
+}
+
 struct CmdDumpPath : StorePathCommand
 {
     std::string description() override
@@ -20,7 +28,7 @@ struct CmdDumpPath : StorePathCommand
 
     void run(ref<Store> store, const StorePath & storePath) override
     {
-        FdSink sink(getStandardOutput());
+        auto sink = getNarSink();
         store->narFromPath(storePath, sink);
         sink.flush();
     }
@@ -51,7 +59,7 @@ struct CmdDumpPath2 : Command
 
     void run() override
     {
-        FdSink sink(getStandardOutput());
+        auto sink = getNarSink();
         dumpPath(path, sink);
         sink.flush();
     }