Opened 10 years ago

Closed 10 years ago

#893 closed defect (fixed)

ccl:temp-pathname on Android

Reported by: heller Owned by: gb
Priority: normal Milestone:
Component: other Version: trunk
Keywords: android Cc:


ccl:temp-pathname on Android returns things like #P"/tmp/tmp\\.4.JYCET1462". That's not terribly useful as /tmp does usually not exist or is not accessible from non-root applications.

Change History (3)

comment:1 Changed 10 years ago by gb

  • Owner set to gb
  • Status changed from new to assigned

We're basically just returning what (#_tmpnam (%null-ptr)) returns, though you're right that trusting the Android C library is unwise. (And #_tmpnam has non-Android-specific problems.)

Does /data/local/tmp/ exist ?

comment:2 Changed 10 years ago by heller

Does /data/local/tmp/ exist ?

Yes, it's there but I probably created that myself.

I'm trying to use SSHDriod, a ssh server from the Android market, to setup a shared filesystem. ssh-ing to the device puts me in the directory /data/data/ and gives be a different uid as adb shell would use. I'd need to change permissions for /data/local/tmp and make it writable for everybody. Setting $TMPDIR so that ccl:temp-pathname can pick it up, would be the simplest solution for me.

comment:3 Changed 10 years ago by gb

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [15146]) Optionally use environment variables to initilize CCL's notion of some filesystem paths, if CCL:*TRUST-PATHS-FROM-ENVIRONMENT* is true (as it is by default.)


  • on Unix systems (including Android), try to use the value of the "HOME" environment variable to initialize (USER-HOMEDIR-PATHNAME).
  • On Android (only) for now, make TEMP-PATHNAME try to use the value of TMPDIR if the directory component of the value returned by #_tmpnam doesn't exist. (It seems to be "/tmp", which would make sense if /tmp existed on Android.)

It's possible that someone might have "HOME" set incorrectly, and that trusting (easily spoofed) environment variables opens security vulnerabilities. (The glibc docs mention the latter possibility, then note that env variables are usually used because of their convenience.)

Fixes ticket:892 and fixes ticket:893.

Note: See TracTickets for help on using tickets.