Document that the macOS sandbox is not a security boundary

See e.g. discussion in https://github.com/NixOS/nix/pull/11270
2024-09-18 10:30:23 -04:00 · 2024-09-11 17:29:11 -04:00 · 2024-09-11 17:29:11 -04:00 · 9492a64005
parent 34dd70d287
commit 9492a64005
1 changed files with 3 additions and 0 deletions
--- a/src/libstore/globals.hh
+++ b/src/libstore/globals.hh
@ -625,6 +625,9 @@ public:
          `__darwinAllowLocalNetworking` attribute set to `true` will have a
          sandbox exception added to allow it.

+          The macOS sandbox has known limitations, and should not be
+          considered a strong security boundary.
+
          Currently, sandboxing only work on Linux and macOS. The use of a
          sandbox requires that Nix is run as root (so you should use the
          “build users” feature to perform the actual builds under different