daemon: Require a signature for imports made by root. This reinstates commit aa0f8409, which was inadvertently undone in commit 322eeb87. Running 'guix archive --import' as root would have let corrupt or unauthentic store items through. Reported by Eric Hanchrow <eric.hanchrow@gmail.com> at <http://bugs.gnu.org/21354>. * nix/nix-daemon/nix-daemon.cc (performOp) <wopImportPaths>: Pass true as the first argument to 'importPaths'.
1 files changed, 4 insertions(+), 1 deletions(-) M nix/nix-daemon/nix-daemon.cc
M nix/nix-daemon/nix-daemon.cc => nix/nix-daemon/nix-daemon.cc +4 -1
@@ 440,7 440,10 @@ static void performOp(bool trusted, unsigned int clientVersion, case wopImportPaths: { startWork(); TunnelSource source(from); Paths paths = store->importPaths(!trusted, source); /* Unlike Nix, always require a signature, even for "trusted" users. */ Paths paths = store->importPaths(true, source); stopWork(); writeStrings(paths, to); break;