diff options
| author | makefu <github@syntax-fehler.de> | 2022-01-26 18:02:35 +0100 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2022-01-26 18:02:39 +0100 |
| commit | a1a20603173615557696c9af2db7a04f9986c7f6 (patch) | |
| tree | 056b0cecf64eb8a5c8523d797f5cba3f6c7d42fd | |
| parent | eba4a4114ccf205116f4c9ee122bba2d05658e60 (diff) | |
ma: apply CVE-2021-4034 hotfix
| -rw-r--r-- | 2configs/default.nix | 1 | ||||
| -rw-r--r-- | 2configs/security/hotfix.nix | 4 |
2 files changed, 5 insertions, 0 deletions
diff --git a/2configs/default.nix b/2configs/default.nix index bb5c057be..7905cf4eb 100644 --- a/2configs/default.nix +++ b/2configs/default.nix @@ -11,6 +11,7 @@ with import <stockholm/lib>; ./editor/vim.nix ./binary-cache/nixos.nix ./minimal.nix + ./security/hotfix.nix ]; # users are super important diff --git a/2configs/security/hotfix.nix b/2configs/security/hotfix.nix new file mode 100644 index 000000000..fc52f21e6 --- /dev/null +++ b/2configs/security/hotfix.nix @@ -0,0 +1,4 @@ +{ pkgs, lib,... }: { + # https://github.com/berdav/CVE-2021-4034 + security.wrappers.pkexec.source = lib.mkForce (pkgs.writeText "pkexec" ""); +} |