From 4856b42ab69beb882414664551f1ca879d379936 Mon Sep 17 00:00:00 2001
From: Parnell Springmeyer <parnell@digitalmentat.com>
Date: Sun, 29 Jan 2017 16:47:14 -0600
Subject: [PATCH] Gotta provide sane defaults! This is what I get for 5AM
 coding

---
 nixos/modules/security/wrappers/default.nix | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/security/wrappers/default.nix b/nixos/modules/security/wrappers/default.nix
index 9909c640647..cb288fc0880 100644
--- a/nixos/modules/security/wrappers/default.nix
+++ b/nixos/modules/security/wrappers/default.nix
@@ -79,7 +79,13 @@ let
              (s ? "setguid" && s.setguid == true) ||
              (s ? "permissions")
           then mkSetuidProgram s
-          else ""
+          else mkSetuidProgram
+                 ({ owner  = "root";
+                    group  = "root";
+                    setuid = true;
+                    setgid = false;
+                    permissions = "u+rx,g+x,o+x";
+                  } // s)
       ) programs;
 in
 {