picnoir/nix-gh
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
5393 commits 46 branches 55 tags 27 MiB
C++ 85.6%
Shell 5.9%
Nix 3.4%
M4 1.4%
Makefile 1.1%
Other 2.5%
Go to file
Eelco Dolstra 6cc6c15a2d
Add a seccomp filter to prevent creating setuid/setgid binaries 
This prevents builders from setting the S_ISUID or S_ISGID bits,
preventing users from using a nixbld* user to create a setuid/setgid
binary to interfere with subsequent builds under the same nixbld* uid.

This is based on aszlig's seccomp code
(47f587700d).

Reported by Linus Heckemann.
2017-05-29 16:14:10 +02:00
config Add config.guess, config.sub and install-sh 2013-11-25 11:26:02 +00:00
corepkgs Merge branch 'remove-perl' of https://github.com/shlevy/nix 2017-03-31 14:13:32 +02:00
doc/manual Merge pull request #1393 from pyrtsa/patch-1 2017-05-29 11:32:06 +02:00
maintainers Update upload-release script 2017-01-03 11:42:56 +01:00
misc Figure out the user's home directory if $HOME is not set 2017-05-05 17:08:23 +02:00
mk set _GNU_SOURCE on cygwin 2017-04-21 11:27:27 -03:00
perl perl-bindings: Remove unused --with-store-dir flag 2017-05-03 17:43:52 +02:00
scripts nix-profile.sh: remove sbin from PATH 2017-05-07 07:41:19 +01:00
src Add a seccomp filter to prevent creating setuid/setgid binaries 2017-05-29 16:14:10 +02:00
tests Merge branch 'nar-accessor-tree' of https://github.com/bennofs/nix 2017-05-24 11:04:43 +02:00
.dir-locals.el Add .dir-locals.el for Emacs 2016-01-28 11:12:04 +01:00
.gitignore Add nix-perl package for the perl bindings 2017-02-07 15:56:32 -05:00
bootstrap.sh bootstrap: Simplify & make more robust. 2011-09-06 12:11:05 +00:00
configure.ac Add a seccomp filter to prevent creating setuid/setgid binaries 2017-05-29 16:14:10 +02:00
COPYING * Change this to LGPL to keep the government happy. 2006-04-25 16:41:06 +00:00
local.mk Shut up some warnings 2017-04-14 14:42:20 +02:00
Makefile Merge branch 'remove-perl' of https://github.com/shlevy/nix 2017-03-31 14:13:32 +02:00
Makefile.config.in Add --with-sandbox-shell configure flag 2017-05-15 17:36:32 +02:00
nix.spec.in Replace readline by linenoise 2017-05-10 18:37:42 +02:00
README.md Fix minor grammatical nitpick ("it's" vs. "its") in README.md. 2017-03-22 10:11:23 -04:00
release-common.nix Add --with-sandbox-shell configure flag 2017-05-15 17:36:32 +02:00
release.nix Add a seccomp filter to prevent creating setuid/setgid binaries 2017-05-29 16:14:10 +02:00
shell.nix Add a seccomp filter to prevent creating setuid/setgid binaries 2017-05-29 16:14:10 +02:00
version Bump 2016-01-20 16:34:37 +01:00

README.md

Nix, the purely functional package manager

Nix is a new take on package management that is fairly unique. Because of its purity aspects, a lot of issues found in traditional package managers don't appear with Nix.

To find out more about the tool, usage and installation instructions, please read the manual, which is available on the Nix website at http://nixos.org/nix/manual.

Contributing

Take a look at the Hacking Section of the manual. It helps you to get started with building Nix from source.

License

Nix is released under the LGPL v2.1

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit.