Closed glitsj16 closed 3 months ago
glitsj16
commented
3 months ago I'm not familiar with NixOS; is /run/current-system/sw/bin a path that can only be created/modified by root on NixOS?
Had to dig deep to find the /run/current-system/sw/bin path to properly fix this script on NixOS. I'm not at all familiar with it either. That being said, here's some details from their wiki. I additionally asked several users on #nixos IRC and they all confirmed this works.
HTH
kmk3
commented
3 months ago I'm not familiar with NixOS; is /run/current-system/sw/bin a path that can only be created/modified by root on NixOS?
Had to dig deep to find the
/run/current-system/sw/binpath to properly fix this script on NixOS.
That is a pretty good finding indeed.
I'm not at all familiar with it either. That being said, here's some details from their wiki. I additionally asked several users on #nixos IRC and they all confirmed this works.
To be clear, I don't doubt that this works; the concern is that if the path can
be modified by normal users, then they could potentially gain root simply by
putting a malicious tc executable in there.
But if it's just a normal system-managed path (and there are no user overrides involving containers, etc) then it should be fine.
Fixes #6426.