There is a critical security issue in Nix 2.30 on macOS (and FreeBSD) platforms, where any user with permission to execute builds can trivially escalate to nix-daemon, i.e. root.
The issue seems to be addressed in Nix 2.30.1. The responsible disclosure process for this was not followed, so additional information will likely become available later.
Edit: earlier versions of Nix, and all versions of Lix and Guix are unaffected.
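As an added check (not code from the original post or from the Nix project), the following derivation tells you whether the daemon on a given machine is running builds as root: it fails if the builder's uid is 0 and otherwise records the uid it ran as. It assumes a Nixpkgs checkout is reachable via `<nixpkgs>` and is run with `nix-build check-build-user.nix`.

```nix
# check-build-user.nix (constructed example, hypothetical file name)
# Run with: nix-build check-build-user.nix
# The builder script executes inside the sandbox under the daemon's
# build user; on an affected daemon that user is root (uid 0).
{ pkgs ? import <nixpkgs> {} }:

pkgs.runCommand "check-build-user" {} ''
  uid=$(id -u)
  if [ "$uid" -eq 0 ]; then
    echo "ERROR: this build is executing as root (uid 0)." >&2
    echo "The daemon on this machine is affected; upgrade Nix." >&2
    exit 1
  fi
  # Record the unprivileged uid the build actually ran as.
  echo "build ran as uid $uid ($(id -un))" > "$out"
''
```

A successful build leaves the uid line in the output path; a failing build with the message above means builds are not being dropped to a build user on that machine.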
Yesterday my team was diagnosing why several derivations were failing to build on the new release of Determinate Nix which were successful on the previous release.
9:00pm UTC We published a notice on our status page to start distributing information about the build regression to our users.
9:57pm UTC We identified the boolean error as a probable cause.
10:02pm UTC Our testing confirmed that line was causing the builds to fail.
10:03pm UTC We opened an internal PR to fix the bug
At this point, we were not thinking “security issue” and focused on fixing the regression in Determinate Nix.
10:08pm UTC We rolled back our distribution to Determinate Nix 3.7.0 since we knew we’d be making a release immediately.
10:11pm UTC We opened a PR to Nix to fix the same issue upstream.
11:05pm UTC Our internal PR merged and we started the release process for Determinate Nix 3.8.1.
00:58am UTC Determinate Nix 3.8.1 started shipping to 100% of users on GitHub Actions, which is step two in our final validation and release process.
01:09am UTC Someone on the team raised a flag that this is likely a severe security issue after identifying that macOS builds are executing as root.
01:24am UTC We confirmed the impact of the security issue.
01:28am UTC We contacted Hexa with full details of the issue, including the fact that we’d already opened PRs from before we understood the security impact.
02:15am UTC I made the call to disclose this as a security issue in Determinate Nix but make no mention of Nix itself.
Since the full details of the bug fix were public before we realized there was a security impact, we moved forward with identifying the security issue in Determinate Nix. However, to be clear at no point in our public comms did we discuss any security impact to Nix itself which makes this thread the first full disclosure of the impact to Nix.
Thank you @hexa for coordinating on the Nix + Security team side.
The fix is merged and the backport triggered; the Nix Team is made aware of the regression, but none are available at that point to do the point release.
6.45am UTC: Matrix room with the Nix and Security Team is set up.
7.00am UTC: @edolstra triggers the Hydra job for 2.30.1 and uploads ~7:40am UTC.
1.30pm UTC: Nixpkgs nixVersions.git and cachix/install-nix-action update PRs are opened and merged shortly after.
Mitigations and improvements
This incident was largely beyond the control of the Nix team due to the short timeline.
Nonetheless the following process mitigations respectively will/ought to apply:
Speed up the release process: @Mic92 and @tomberek will work on further automating the release process so that it can be triggered by any Nix team member. In this case @xokvidium would have triggered a release.
@edolstra now has pager duty in Determinate Systems to quickly respond to incidents like this.
We urge @grahamc not to disclose a vulnerability before coordinating with the relevant implementations.
This includes cases where the vulnerability is somewhat easy to discover, because a fix was merged.
At that point we believe the most responsible course of action is not to call attention to it just yet.
Relevant implementations may normally include: upstream Nix, Lix, Guix. Perhaps in rare cases Snix or Tvix. We appreciate that the Nixpkgs security team was involved with this.
We have enabled the GitHub branch protection rule that requires a review. In practice, the team normally applies the 4 eyes principle, and it was followed in this instance as well because the change was originally made by different authors. Nonetheless, GitHub’s formulation of the review rule would have restricted the merge of this particular bug.
Besides the review and release process improvements, we will further improve our automated testing and analysis.
Apply more analysis tools; linting, static analysis, and machine learning
Improvements to the test suite in terms of tests, and environments in which they can be run