allowed-uris doesn't work with builtins.readFile/builtins.readDir

[infinisil]

This doesn't work:

$ nix eval "(builtins.readFile $PWD/a)" \
  --option restrict-eval true \
  --option allowed-uris "file://$PWD/a"
error: access to path '/home/infinisil/Test/restricted/a' is forbidden in restricted mode

But I'd expect it to work. I currently need to use builtins.fetchurl instead.

This differs in behavior to the -I option, which works just fine with builtins.readFile:

$ nix eval '(builtins.readFile <pwd/a>)' \
  --option restrict-eval true -
  -I pwd=$PWD
"a\n"

[stale]

I marked this as stale due to inactivity. → More info

[stale]

I marked this as stale due to inactivity. → More info

[infinisil]

I still think this should be fixed

[stale]

I marked this as stale due to inactivity. → More info

[infinisil]

.

[infinisil]

Still relevant!