machines/aszlig: temporarily whitelist webkitgtk

webkitgtk-2.4.11 is insecure, I am whitelisting it for now to fix the evaluation errors on the hydra. Consider, what you want to do on the issue long term, or just revert this commit as soon as the CVEs are fixed upstream, @aszlig!
author: sternenseemann <git@lukasepple.de> 2017-03-07 16:04:38 +0100
committer: sternenseemann <git@lukasepple.de> 2017-03-07 16:04:38 +0100
commit: f34f60216a94f41e684b2b2a29be9ca5f8f72940 (patch)
tree: eca3f7dd47f476ab756ccfb1be94ff5cd71914bc /machines/aszlig/arilou.nix
parent: 0ec2cd45ff4d6278344071e81ab742d2d157cb81 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/machines/aszlig/arilou.nix b/machines/aszlig/arilou.nix
index 8fbc4353..a0cfc195 100644
--- a/machines/aszlig/arilou.nix
+++ b/machines/aszlig/arilou.nix
@@ -7,6 +7,11 @@ let
 
   modulesPath = "${import ../../nixpkgs-path.nix}/nixos/modules";
 in {
+  # whitelist insecure webkitgtk
+  nixpkgs.config.permittedInsecurePackages = [
+    "webkitgtk-2.4.11"
+  ];
+
   vuizvui.user.aszlig.profiles.workstation.enable = true;
   imports = [ "${modulesPath}/profiles/all-hardware.nix" ];
author	sternenseemann <git@lukasepple.de>	2017-03-07 16:04:38 +0100
committer	sternenseemann <git@lukasepple.de>	2017-03-07 16:04:38 +0100
commit	f34f60216a94f41e684b2b2a29be9ca5f8f72940 (patch)
tree	eca3f7dd47f476ab756ccfb1be94ff5cd71914bc /machines/aszlig/arilou.nix
parent	0ec2cd45ff4d6278344071e81ab742d2d157cb81 (diff)