mirror of
https://github.com/NixOS/nix.git
synced 2025-11-21 09:49:36 +01:00
Move macOS sandbox files to sr/libstore/build
This commit is contained in:
Eelco Dolstra
parent
609a7dc059
commit
6991e558dd
3 changed files with 0 additions and 0 deletions
9
src/libstore/build/sandbox-minimal.sb
Normal file
9
src/libstore/build/sandbox-minimal.sb
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
R""(
|
||||
|
||||
(allow default)
|
||||
|
||||
; Disallow creating setuid/setgid binaries, since that
|
||||
; would allow breaking build user isolation.
|
||||
(deny file-write-setugid)
|
||||
|
||||
)""
|
||||
Loading…
Add table
Add a link
Reference in a new issue