Re: [Clg-devel] deploying CLG
Brought to you by:
espen
From: Walter C. P. <wa...@pe...> - 2007-12-17 12:13:44
|
I've given a cursory look at the code and I've noticed that you meant to try first the non-absolute pathname and then the absolute. I initially understood you intended to do the other way around. This, of course, reduces substantially the security risk as I saw it. It does however raise some doubts about the usefulness of the absolute pathnames. In fact, if I'm trying to debug a C library (not necessarily CLG's) that is both already installed under, say, /usr/local/lib and in /home/me/my_sandbox/, I'll have to resort to setting LD_LIBRARY_PATH in any case to load my private one, or install it under /usr/local/lib each time I debug it (which might not me an option where the production machine is shared with developers). Just like for a C program. The abosulte pathnames would thus be used only on machines where the program is never installed. A minor observation. I believe ABSOLUTE-NAMESTRING-P and NAMESTRING-FILENAME would not work under Windoze. Perhaps something like this? (defun absolute-pathname-p (pathname) (eq :absolute (car (pathname-directory (pathname pathname))))) s/namestring-filename/file-namestring/g [AFAIK the call to pathname is actually superfluos.] -- walter pelissero http://www.pelissero.de |