b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
nixpkgs/nixos/modules/security/wrappers
History
edef 09325d24b6 nixos/security/wrappers: use musl rather than glibc and explicitly unset insecure env vars 
This mitigates CVE-2023-4911, crucially without a mass-rebuild.

We drop insecure environment variables explicitly, including
glibc-specific ones, since musl doesn't do this by default.

Change-Id: I591a817e6d4575243937d9ccab51c23a96bed6f9
2023-10-05 22:04:05 +00:00
..
default.nix nixos/security/wrappers: use musl rather than glibc and explicitly unset insecure env vars 2023-10-05 22:04:05 +00:00
wrapper.c nixos/security/wrappers: use musl rather than glibc and explicitly unset insecure env vars 2023-10-05 22:04:05 +00:00
wrapper.nix nixos/security/wrappers: use musl rather than glibc and explicitly unset insecure env vars 2023-10-05 22:04:05 +00:00