diff options
| author | Vladimír Čunát <v@cunat.cz> | 2024-04-10 07:52:44 +0200 |
|---|---|---|
| committer | Vladimír Čunát <v@cunat.cz> | 2024-04-10 07:52:44 +0200 |
| commit | 3299c31f4479670ef49cad5c87421a034705f9b5 (patch) | |
| tree | 2148e7cd80abf26a7c2b234f12a761044b739e56 /pkgs/stdenv/generic | |
| parent | 28cd7a0fb5763fbfd9eb4d5af88874cc8c8a64b1 (diff) | |
stdenv: avoid setuid issues
See #300635. Maybe in time we'll have a better solution.
Diffstat (limited to 'pkgs/stdenv/generic')
| -rw-r--r-- | pkgs/stdenv/generic/setup.sh | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/pkgs/stdenv/generic/setup.sh b/pkgs/stdenv/generic/setup.sh index 6c72395219f7c..45c73d7709c66 100644 --- a/pkgs/stdenv/generic/setup.sh +++ b/pkgs/stdenv/generic/setup.sh @@ -1421,7 +1421,8 @@ fixupPhase() { # Make sure everything is writable so "strip" et al. work. local output for output in $(getAllOutputNames); do - if [ -e "${!output}" ]; then chmod -R u+w "${!output}"; fi + # for set*id bits see #300635 + if [ -e "${!output}" ]; then chmod -R u+w,u-s,g-s "${!output}"; fi done runHook preFixup |