Disallow build products that are symlinks

Otherwise you can do

  ln -s /etc/passwd $out/foo
  echo "file misc $out/foo" >> $out/nix-support/hydra-build-products

and get Hydra to serve its /etc/passwd file.

src/lib/Hydra/Controller/Build.pm

@@ -173,6 +173,7 @@ sub checkPath {
     my $storeDir = $Nix::Config::storeDir . "/";
     error($c, "Invalid path in build product.")
         if substr($path, 0, length($storeDir)) ne $storeDir || $path =~ /\/\.\./;
+    error($c, "Path ‘$path’ is a symbolic link.") if -l $path;
 }