(zilch nixpkgs): Attempt to limit Nix expression leakage

Change-Id: Ifab2c0e7784145b9f57ca2c3cb713a476a6a6964

core/src/nixpkgs.sld

@@ -5,12 +5,42 @@
     (zilch magic) (zilch nix drv) (zilch nix hash)
     (zilch nix path) (zilch zexpr)
     (srfi 18) (srfi 128) (srfi 146) (srfi 152)
-    (chicken format) (chicken process)
+    (chicken format) (chicken process) (chicken pathname)
+    (chicken process-context)
     json)
   (export nix-prefetch-url nixpkgs nixpkgs-eval
-    nix-eval environment-for-derivation)
+    nix-eval environment-for-derivation
+    nixpkgs-eval-allow-all nixpkgs-eval-allow-path)
 
   (begin
+    (define trusted-paths '())
+
+    (define (normalize-path path)
+      (if (string-prefix? "/" path)
+        path
+        (normalize-pathname (string-append (current-directory) "/" path) 'unix)))
+
+    ;; Add a path to the list of trusted paths for Nix evaluations.
+    ;; Paths will be normalized to be absolute, relative to the CWD.
+    ;; This does not check symlinks, or the existence of any path component.
+    (define (nixpkgs-eval-allow-path path)
+      (when (and path trusted-paths)
+        (set! trusted-paths (cons (normalize-path path) trusted-paths))))
+
+    ;; Don't restrict Nix evaluations.
+    (define (nixpkgs-eval-allow-all)
+      (set! trusted-paths #f))
+
+    ; Append ">={path}" to the NIX_PATH for each argument.
+    ; This is a hack as this is invalid channel syntax, e.g. `<<>` is invalid.
+    (define (nixpkgs-eval-trust-arguments)
+      (if trusted-paths
+       (let loop ((out '("--option" "restrict-eval" "true")) (args trusted-paths))
+         (if (null? args)
+           out
+           (loop (cons "-I" (cons (string-append ">=" (car args)) out)) (cdr args))))
+       '()))
+
     (define (run-stderr-thread prefix port)
       (define line (read-line port))
       (if (eof-object? line)
@@ -20,7 +50,7 @@
           (run-stderr-thread prefix port))))
 
     (define (read-from-nixpkgs path)
-      (define-values (stdout stdin pid stderr) (process* "nix-instantiate" `("--argstr" "path" ,path "-E" "{path}: let nixpkgs = import <nixpkgs> {}; in nixpkgs.${path}.out")))
+      (define-values (stdout stdin pid stderr) (process* "nix-instantiate" `(,@(nixpkgs-eval-trust-arguments) "--argstr" "path" ,path "-E" "{path}: let nixpkgs = import <nixpkgs> {}; in nixpkgs.${path}.out")))
       (define thread (thread-start! (make-thread (lambda () (run-stderr-thread (string-append "nixpkgs." path) stderr)) "read-from-nixpkgs stderr passthrough")))
       (close-port stdin)
       (define drvpath (read-line stdout))
@@ -29,7 +59,7 @@
       drvpath)
 
     (define (read-from-nixpkgs-raw path)
-      (define-values (stdout stdin pid stderr) (process* "nix-instantiate" `("-E" ,(string-append "with import <nixpkgs> {}; (" path ")"))))
+      (define-values (stdout stdin pid stderr) (process* "nix-instantiate" `(,@(nixpkgs-eval-trust-arguments) "-E" ,(string-append "with import <nixpkgs> {}; (" path ")"))))
       (define thread (thread-start! (make-thread (lambda () (run-stderr-thread (string-append path) stderr)) "read-from-nixpkgs-raw stderr passthrough")))
       (close-port stdin)
       (define drvpath (read-line stdout))
@@ -42,7 +72,7 @@
       drvpath)
 
     (define (read-from-eval code)
-      (define-values (stdout stdin pid stderr) (process* "nix-instantiate" `("--json" "--eval" "--strict" "--read-write-mode" "-E" ,code)))
+      (define-values (stdout stdin pid stderr) (process* "nix-instantiate" `(,@(nixpkgs-eval-trust-arguments) "--json" "--eval" "--strict" "--read-write-mode" "-E" ,code)))
       (define thread (thread-start! (make-thread (lambda () (run-stderr-thread (string-append "eval `" code "`") stderr)) "read-from-eval stderr passthrough")))
       (close-port stdin)
       (define output (json-read stdout))