Bug#577210: tries to write FASL in wrong directory

Faré fahree at gmail.com
Tue Apr 13 22:28:29 UTC 2010

Severity: critical

now that I look at it again,

1- if we don't fix this bug, C-L-C is unusable to whomever doesn't
configure asdf-output-translations himself.

2- C-L-C needs to (asdf:clear-output-translations) and
(asdf:clear-source-registry) right before it dumps images, for all

3- This is NOT ENOUGH. Actually using /var/cache/$UID without doing
the permission checking, etc., will reopen the security issue with bug

4- There is no "good" place in ASDF currently into which to hook such
security checking. Maybe a :before method on perform for compile-op or
load-op on systems. Meh. If you have a good idea for an API for that,
or want to discuss the issue, please send a message to the asdf-devel

5- Short of including such hook, the "simple" solution is to use
ASDF's builtin per-user cache facility, except maybe for the root

6- CLC needs to update ASDF to latest, anyway.

Sigh. Sorry for the trouble. Getting there.

[ François-René ÐVB Rideau | Reflection&Cybernethics | http://fare.tunes.org ]
Austrian economics is the second law of thermodynamics to every other
economist's perpetual motion machines. — Faré

More information about the pkg-common-lisp-devel mailing list