Le mar. 25 oct. 2022 10h17 +0000, Eric Wong a écrit : > My brain is very tired atm, but I'm wondering if git should > strip S_ISGID and retry if it hits EPERM... I've asked on git@ here https://public-inbox.org/git/[email protected]/T/#u
> On a traditional Unix-like system, the objective of 0600 is to > ensure only the user running lei can read their own email. > AFAIK, that's standard behavior for MUAs creating local files > (I only know it's mutt behavior off the top-of-my-head). > > That said, I don't know how NixOS's sandbox is different than a > traditional system. nix's build sandbox denies g+s, but that sandbox only applies when building a package (which includes running its tests). Once the package is built, that sandbox is no longer used, leaving the package free to use g+s when run by users. > Is setting any value of core.sharedRepository even worthwhile on NixOS? AFAIK NixOS would be like any other Linux-based OS on that matter. Cheers,
