>> This suggests that one of the things you need to do is have tighter >> control over the CL_SOURCE_REGISTRY >> and ASDF_OUTPUT_TRANSLATIONS around this compilation, to prevent the >> unwanted ASDF upgrade. > > I have to admit that interference from the process environment was not on my > list of identified threats. > I just committed two lines in my src/build-asdf-contrib.lsp to guard against > that. I hope its enough. > I looked into the source code of ASDF and saw that it read the content of at > least 11 environment variables! > Should I be paranoid and guard also against the 9 nine others beside the two > you mentioned? > grep 'getenv.*"' *p u*/*p actually finds 15 different variables that *may* be used. But when these two are controlled, all other variables are unused, except for __CL_ARGV0 that you shouldn't care about and TMPDIR (or TEMP, on Windows) that should be left in the user's control — if it's bogus, a lot more things than ASDF will break; and if the user wants to divert it, he probably knows what he's doing.
—♯ƒ • François-René ÐVB Rideau •Reflection&Cybernethics• http://fare.tunes.org Love doesn't scale. — Eric S. Raymond _______________________________________________ Asdf-devel mailing list Asdf-devel@common-lisp.net http://common-lisp.net/cgi-bin/mailman/listinfo/asdf-devel
