`$NIX_PATH` entries can shadow internal lookup paths

## Describe the bug

At times, Nix (or users) will call internal, vendored files (like `<nix/fetchurl.nix>` and `<nix/derivation-internal.nix>`) for various operations. However, these can be shadowed by entries into `$NIX_PATH` from the environment, which will completely break some functionality - *especially* if the `nix` path entry actually contains files of the same name, as then Nix won't fall back to its internal files

## Steps To Reproduce

1. `mkdir -p not-internal-nix`
2. `echo 'assert false; "womp womp"' > not-internal-nix/fetchurl.nix`
3. `NIX_PATH="nix=$PWD/not-internal-nix" nix-instantiate -E "import <nix/fetchurl.nix>"`
4. Observe the following error:

```
error:
       … while calling the 'import' builtin
         at «string»:1:1:
            1| import <nix/fetchurl.nix>
             | ^

       … while evaluating the file '/home/atlas/not-internal-nix/fetchurl.nix':

       error: assertion 'false' failed
       at /home/atlas/not-internal-nix/fetchurl.nix:1:1:
            1| assert false; "womp womp"
             | ^
            2|
```

## Expected behavior

Internal Nix files are always used and the names of my path entries don't (silently) cause this unattended consequence

A more specific idea I had was to maybe limit the "regular" lookup paths here (i.e., use certain characters or make a longer string that will make it basically impossible to have these kinds of conflicts, unlike the more plausible `nix` entry name). This obviously wouldn't work for internal files like <nix/fetchurl.nix> that *are* meant to be consumed though...so maybe we could special case those "public" ones? Or just not allow entry names named `nix` to at least avoid this footgun?

## Metadata

`nix (Nix) 2.32.0pre20250925_099a74e`

## Additional context

I came across this after adding this repository as an input to my flake. It has [this small snippet](https://github.com/getchoo/borealis/blob/6a74b50cd528ed22049ac73276ef1a2aaf24c603/modules/shared/mixins/nix.nix#L38-L46) to add all of my flake's inputs to the system registry and then map those inputs to `$NIX_PATH` entries, creating the `nix` entry. I then hit https://github.com/NixOS/nix/issues/14062, and @xokdvium was able to figure out the extent and reasoning for this issue while we talked on Matrix. Thanks! :)

## Checklist



- [x] checked [latest Nix manual] \([source])
- [x] checked [open bug issues and pull requests] for possible duplicates

[latest Nix manual]: https://nix.dev/manual/nix/development/
[source]: https://github.com/NixOS/nix/tree/master/doc/manual/source
[open bug issues and pull requests]: https://github.com/NixOS/nix/labels/bug

---

Add :+1: to [issues you find important](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

`$NIX_PATH` entries can shadow internal lookup paths #14085

Describe the bug

Steps To Reproduce

Expected behavior

Metadata

Additional context

Checklist

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

$NIX_PATH entries can shadow internal lookup paths #14085

Description

Describe the bug

Steps To Reproduce

Expected behavior

Metadata

Additional context

Checklist

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions

`$NIX_PATH` entries can shadow internal lookup paths #14085