diff options
author | Ludovic Courtès <ludo@gnu.org> | 2015-06-06 18:00:58 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2015-06-06 18:58:55 +0200 |
commit | aa0f8409db9abb4d8d04127b1072f12a64b5f7ee (patch) | |
tree | f24e5dd174f749cacd4d1971beba4b95c05f4667 | |
parent | d2aa12250ece6d71ef1edee2ea2a69ccf70ac354 (diff) | |
download | patches-aa0f8409db9abb4d8d04127b1072f12a64b5f7ee.tar patches-aa0f8409db9abb4d8d04127b1072f12a64b5f7ee.tar.gz |
daemon: Always require a signature when importing an archive.
* nix/nix-daemon/nix-daemon.cc (performOp): Pass true as the first argument to
'performOp'.
-rw-r--r-- | nix/nix-daemon/nix-daemon.cc | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/nix/nix-daemon/nix-daemon.cc b/nix/nix-daemon/nix-daemon.cc index 2b89190dbe..10159db62e 100644 --- a/nix/nix-daemon/nix-daemon.cc +++ b/nix/nix-daemon/nix-daemon.cc @@ -440,7 +440,10 @@ static void performOp(bool trusted, unsigned int clientVersion, case wopImportPaths: { startWork(); TunnelSource source(from); - Paths paths = store->importPaths(!trusted, source); + + /* Unlike Nix, always require a signature, even for "trusted" + users. */ + Paths paths = store->importPaths(true, source); stopWork(); writeStrings(paths, to); break; |