2015-10-24 20:55:50 +00:00
|
|
|
{ pkgs, ... }:
|
|
|
|
|
2016-05-25 09:29:20 +00:00
|
|
|
# TODO use krebs.setuid
|
|
|
|
# This requires that we can create setuid executables that can only be accessed
|
|
|
|
# by a single user. [per-user-setuid]
|
|
|
|
|
|
|
|
# using bash for %q
|
|
|
|
pkgs.writeBashBin "ff" ''
|
|
|
|
exec /var/setuid-wrappers/sudo -u ff -i <<EOF
|
2015-10-24 20:55:50 +00:00
|
|
|
exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@")
|
|
|
|
EOF
|
|
|
|
''
|