mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-24 06:31:02 +00:00
Code Issues Wiki Activity
nixpkgs/pkgs
History
aszlig 63fb845fcf
virtualbox: Rebase hardened.patch on top of 5.1.22 
The merge of the version bump in
6fb9f89238 didn't take care of our patch
for the hardening mode and thus enabling VirtualBox without also
force-disabling hardening mode will result in a build error.

While the patch is largely identical with the old version, I've removed
one particular change around the following code:

    if (pFsObjState->Stat.st_mode & S_IWOTH)
        return supR3HardenedSetError3(VERR_SUPLIB_WORLD_WRITABLE, pErrInfo,
                                      "World writable: '", pszPath, "'");

In the old version of the patch we have checked whether the path is
within the Nix store and suppressed the error return if that's the case.

The reason why I did that in the first place was because we had a bunch
of symlinks which were writable.

In VirtualBox 5.1.22 the code specifically checks whether the file is a
symlink, so we can safely drop our change.

Tested via all of the "virtualbox" NixOS VM subtests and they now all
succeed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-06-23 05:48:54 +02:00
..
applications virtualbox: Rebase hardened.patch on top of 5.1.22 2017-06-23 05:48:54 +02:00
build-support Remove kdeWrapper 2017-06-18 08:43:39 -05:00
common-updater common-updater-script: fix error handling 2017-05-19 17:14:43 +03:00
data unifont: 9.0.06 -> 10.0.01 2017-06-22 09:03:23 +02:00
desktops kdeFrameworks, plasma5: fix setup hooks 2017-06-22 17:46:44 -05:00
development kdeFrameworks, plasma5: fix setup hooks 2017-06-22 17:46:44 -05:00
games openttd: 1.6.1 -> 1.7.1 2017-06-20 03:45:41 +02:00
misc slock: Avoid chmod u+s (#26600) 2017-06-22 22:55:04 +08:00
os-specific linux-hardened-copperhead: 4.11.6c -> 4.11.6d 2017-06-22 21:12:20 -04:00
servers wallabag: 2.2.2 -> 2.2.3 2017-06-20 13:30:38 +02:00
shells rssh: don't set special bits 2017-06-16 07:31:21 -05:00
stdenv darwin-stdenv: remove python-sphinx and a bunch of other dependencies from the stdenv 2017-06-01 23:23:56 +02:00
test
tools tmate: minor cleanup 2017-06-23 00:10:21 +08:00
top-level Merge pull request #26668 from gleber/fixpoint-erlang-packages 2017-06-22 21:49:30 +02:00