Security: Ensure that a build product refers to the Nix store
[?]
Feb 13, 2013, 5:26 PM
YDVFPMKPTZAZTF37O3V3CCMRIZHUMD6QNB6A775ZCKFTCHWRHVZQCDependencies
- [2]
PMNWRTGJAdd multiple output support - [3]
FM4O2L4Mhydra: if evaluator sees cached build, also add the buildproducts - [*]
OOQ2D3KC* Refactoring: move fetchInput out of hydra_scheduler into a separate - [*]
7DWCXNC7Use the new Nix Perl bindings - [*]
TJK27WSBOpen the DB using Hydra::Model::DB->new - [*]
ARD6Z67TDo incremental SVN checkouts - [*]
OSVLMLCQhydra: factored out build restart and - [*]
CQTN62OHDie tabs die - [*]
2UZJG6XTClear nrSucceeded when restarting a build
Change contents
- edit in src/lib/Hydra/Helper/AddBuilds.pm at line 9
use Nix::Config; - edit in src/lib/Hydra/Helper/AddBuilds.pm at line 17
use File::Spec; - edit in src/lib/Hydra/Helper/AddBuilds.pm at line 773
my $storeDir = $Nix::Config::storeDir . "/"; - replacement in src/lib/Hydra/Helper/AddBuilds.pm at line 785
my $path = $3;my $path = File::Spec->canonpath($3); - edit in src/lib/Hydra/Helper/AddBuilds.pm at line 787
# Ensure that the path exists and points into the Nix store.next unless File::Spec->file_name_is_absolute($path);next if $path =~ /\/\.\./; # don't go up - edit in src/lib/Hydra/Helper/AddBuilds.pm at line 792
next unless substr($path, 0, length($storeDir)) eq $storeDir;# FIXME: check that the path is in the input closure# of the build? - edit in src/lib/Hydra/Helper/AddBuilds.pm at line 1050
, iscachedbuild => 0 - edit in src/lib/Hydra/Helper/AddBuilds.pm at line 1052[10.4793][11.85]
$build->buildproducts->delete_all;