From 200f790ea15426a472dee27d5008e986920728bd Mon Sep 17 00:00:00 2001
From: Noah Masur <7386960+nmasur@users.noreply.github.com>
Date: Sat, 29 Jul 2023 08:24:03 -0400
Subject: [PATCH] lock down nix daemon

---
 modules/common/shell/nixpkgs.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules/common/shell/nixpkgs.nix b/modules/common/shell/nixpkgs.nix
index cb8262d..afc1637 100644
--- a/modules/common/shell/nixpkgs.nix
+++ b/modules/common/shell/nixpkgs.nix
@@ -73,6 +73,9 @@
       path = builtins.toString pkgs.path;
     };
 
+    # For security, only allow specific users
+    settings.allowed-users = [ "@wheel" config.user ];
+
   };
 
 }