[slime-devel] Re: Slime packaging in Debian

Thomas F. Burdick tfb at OCF.Berkeley.EDU
Mon Feb 21 08:27:01 UTC 2005

Robert Marlow writes:

 > On Sun, 2005-02-20 at 10:36 +0100, Luke Gorrie wrote:
 > > 3. We should fix some authentication on the socket connection to
 > >    remove security considerations (if someone else connects to Lisp
 > >    before Emacs; see top of PROBLEMS file)
 > > 
 > > Thoughts?
 > Good point on 3. The Debian security team may complain about that :) I
 > think this could be fixed by generating something random with M-x SLIME
 > and using it as a key for create-server. I can whack that together and
 > submit a patch if that's all that's required.

I think this would be sufficient to solve the big gaping security
hole, and is probably the best portable solution.  What would be even
nicer would be additional support for Unix-domain sockets.  If
create-server could be passed a pathname specifier, or even an
existing socket, it would make administrative access to Lisp servers
nicer.  Eg, I have a server running an SBCL image that's running both
Araneida and SWANK.  It would be nice if SWANK listened on a socket
that only users in the webadmin group could connect to, instead of the
ugly ugly hack I have now.

More information about the slime-devel mailing list