Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • dont-send-xp-features-to-the-daemon
  • build-with-clang
  • 2.3-maintenance
  • latest-release
  • ci-test-against-master-nix
  • test-daemon-everywhere
  • fix-manpages-install
  • be-gentle-on-missing-files-for-eval
  • search-to-pager
  • nix-init-command
  • nix-repl-experimental-features
  • nix-develop-remove-override-input-warning
  • macos-debugging
  • ca/remove-existing-invalid-store-path
  • eval-cache
  • ca/replicate-two-glibc
  • deduplicate-static-hashes-computation
  • boost-regex
  • cache-getflake
  • 2.3.15
  • 2.3.14
  • 2.3.13
  • 2.3.12
  • 2.3.11
  • 2.3.10
  • 2.3.9
  • 2.3.8
  • 2.3.7
  • 2.3.6
  • 2.3.5
  • 2.3.4
  • 2.3.3
  • 2.3.2
  • 2.3.1
  • 2.3
  • 2.2.2
  • 2.2.1
  • 2.2
  • 2.1.3
40 results
Blame Permalink
  • Eelco Dolstra's avatar
    2d35116c
    * Setuid support for sharing a Nix installation between multiple · 2d35116c
    Eelco Dolstra authored 
      users.

  If the configure flag `--enable-setuid' is used, the Nix programs
  nix-env, nix-store, etc. are installed with the setuid bit turned on
  so that they are executed as the user and group specified by
  `--with-nix-user=USER' and `--with-nix-group=GROUP', respectively
  (with defaults `nix' and `nix').

  The setuid programs drop all special privileges if they are executed
  by a user who is not a member of the Nix group.

  The setuid feature is a quick hack to enable sharing of a Nix
  installation between users who trust each other.  It is not
  generally secure, since any user in the Nix group can modify (by
  building an appropriate derivation) any object in the store, and for
  instance inject trojans into binaries used by other users.

  The setuid programs are owned by root, not the Nix user.  This is
  because on Unix normal users cannot change the real uid, only the
  effective uid.  Many programs don't work properly when the real uid
  differs from the effective uid.  For instance, Perl will turn on
  taint mode.  However, the setuid programs drop all root privileges
  immediately, changing all uids and gids to the Nix user and group.
    2d35116c
    History
    * Setuid support for sharing a Nix installation between multiple
    Eelco Dolstra authored 
      users.

  If the configure flag `--enable-setuid' is used, the Nix programs
  nix-env, nix-store, etc. are installed with the setuid bit turned on
  so that they are executed as the user and group specified by
  `--with-nix-user=USER' and `--with-nix-group=GROUP', respectively
  (with defaults `nix' and `nix').

  The setuid programs drop all special privileges if they are executed
  by a user who is not a member of the Nix group.

  The setuid feature is a quick hack to enable sharing of a Nix
  installation between users who trust each other.  It is not
  generally secure, since any user in the Nix group can modify (by
  building an appropriate derivation) any object in the store, and for
  instance inject trojans into binaries used by other users.

  The setuid programs are owned by root, not the Nix user.  This is
  because on Unix normal users cannot change the real uid, only the
  effective uid.  Many programs don't work properly when the real uid
  differs from the effective uid.  For instance, Perl will turn on
  taint mode.  However, the setuid programs drop all root privileges
  immediately, changing all uids and gids to the Nix user and group.
configure.ac 5.58 KiB