Théophane Hufschmitt 8c27eb6c1b Copy the output of fixed-output derivations before registering them ... It is possible to exfiltrate a file descriptor out of the build sandbox of FODs, and use it to modify the store path after it has been registered. To avoid that issue, don't register the output of the build, but a copy of it (that will be free of any leaked file descriptor).		2024-03-01 10:24:54 +01:00
..
build-remote	distributed builds: load remote builder host key from the machines file	2021-02-25 11:11:07 -05:00
cpptoml	bump cpptoml to v0.1.1	2019-05-29 17:01:39 +08:00
libexpr	Escape ${ in strings when printing Nix expressions	2023-10-31 12:06:50 +02:00
libmain	preloadNSS: rework the dns query workaround	2021-11-25 13:06:00 -08:00
libstore	Copy the output of fixed-output derivations before registering them	2024-03-01 10:24:54 +01:00
libutil	libutil: add ZstdDecompressionSink	2023-10-23 17:36:13 +00:00
nix	repl.cc: Check for HAVE_BOEHMGC	2020-08-13 04:34:36 +02:00
nix-build	nix-shell: don't check for "nix-shell" in shebang script name	2021-11-30 05:33:50 +00:00
nix-channel	nix-env: Create ~/.nix-profile automatically	2019-10-10 00:00:54 +02:00
nix-collect-garbage	Merge all nix-* binaries into nix	2018-10-26 12:54:00 +02:00
nix-copy-closure	Merge all nix-* binaries into nix	2018-10-26 12:54:00 +02:00
nix-daemon	Fix SO_PEERCRED usage on OpenBSD	2023-03-11 23:07:19 +04:00
nix-env	Fix insufficent attribute capacity in user profile	2021-03-13 17:32:47 +00:00
nix-instantiate	Merge all nix-* binaries into nix	2018-10-26 12:54:00 +02:00
nix-prefetch-url	nix-prefetch-url: Stop progress bar before printing results	2018-11-09 10:34:12 +01:00
nix-store	nix-store: fix out of sync protocol	2019-08-16 15:05:45 +02:00
nlohmann	nlohmann-json: 3.4.0 -> 3.5.0	2018-12-21 22:38:06 -06:00
resolve-system-dependencies	Apply OS checks to host platform, not build	2021-07-27 08:41:57 +00:00