tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-14 11:44:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
nixpkgs/nixos/modules/installer/tools
History
Profpatsch 0e444785a1 installer/tools/get-version-suffix: set --git-dir 
The `nixos-rebuild` tool calls `get-version-suffix` to figure out the
git revision of the nixpkgs directory if there is a .git.

https://nvd.nist.gov/vuln/detail/CVE-2022-24765 made git throw an
error if the .git search logic is not turned off and a user
tries to access a `.git` directory they don’t own (otherwise a
different user could trick them into setting arbitrary git config).

So from now on we should always explicitely set `--git-dir`, which
turns this search logic (and thus the security check) off.
2022-06-27 14:28:03 +02:00
..
nixos-build-vms nixos-build-vms(8): $out/bin/nixos-run-vms should non-interactively start VMs 2022-02-19 19:43:34 +01:00
nixos-option
get-version-suffix installer/tools/get-version-suffix: set --git-dir 2022-06-27 14:28:03 +02:00
nix-fallback-paths.nix nix-fallback-paths.nix: Update to 2.9.1 2022-06-09 09:00:27 +10:00
nixos-enter.sh nixos/nixos-enter: cleanup resolv.conf handling 2022-03-18 12:19:09 -04:00
nixos-generate-config.pl nixos-generate-config: Make robust against missing newline 2022-06-21 14:37:16 +02:00
nixos-install.sh nixos-install: copy channels before system eval 2022-01-05 18:38:49 +01:00
nixos-version.sh nixos/installer: Mark scripts as Bash for ShellCheck 2021-11-26 18:54:23 +13:00
tools.nix Merge pull request #171650 from helsinki-systems/feat/config-systemd-package 2022-05-09 10:23:04 +02:00