Closed kayahr closed 4 months ago
This PR just hit a program I use and caused an outage because we don't run with writable home directories. The resulting traceback doesn't really explain the problem:
Error: EPERM: operation not permitted, mkdir '/var/empty/.cache'
at Object.mkdirSync (node:fs:1391:3)
at Object.mkdirSync (pkg/prelude/bootstrap.js:1639:33)
at createDirRecursively (pkg/prelude/bootstrap.js:256:8)
at createDirRecursively (pkg/prelude/bootstrap.js:255:5)
at createDirRecursively (pkg/prelude/bootstrap.js:255:5)
at process.dlopen (pkg/prelude/bootstrap.js:2217:7)
at Object.Module._extensions..node (node:internal/modules/cjs/loader:1452:18)
at Module.load (node:internal/modules/cjs/loader:1197:32)
at Function.Module._load (node:internal/modules/cjs/loader:1013:12)
at Module.require (node:internal/modules/cjs/loader:1225:19)
It would be much better if this had a fallback to a secure temporary directory, and a clear error message when that fails.
@quentinmit I think we can fix this by using an env var to customize that dir on needs. Want to submit a PR?
Using a cache directory in users home directory fixes problems with conflicting user permissions and is also more secure because other users cannot inject executable code by placing a manipulated file in tmp.
Fixes #51