From af72f312d32140d87a91bf6e2c2f6a65758e248f Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Sat, 25 May 2024 10:52:38 +0000
Subject: [PATCH] sandbox: remove /run/wrappers: SUID wrappers dont really
 accomplish much inside a namespace

---
 modules/programs/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/programs/default.nix b/modules/programs/default.nix
index 8f6ea2a4..c49cb92f 100644
--- a/modules/programs/default.nix
+++ b/modules/programs/default.nix
@@ -51,7 +51,7 @@ let
 
           "/etc"  #< especially for /etc/profiles/per-user/$USER/bin
           "/run/current-system"  #< for basics like `ls`, and all this program's `suggestedPrograms` (/run/current-system/sw/bin)
-          "/run/wrappers"  #< SUID wrappers. TODO: remove!
+          # "/run/wrappers"  #< SUID wrappers. they don't mean much inside a namespace.
           # /run/opengl-driver is a symlink into /nix/store; needed by e.g. mpv
           "/run/opengl-driver"
           "/run/opengl-driver-32"  #< XXX: doesn't exist on aarch64?