[slime-devel] Re: [PATCH] Bind *read-eval* in slime-version-string

Rudi Schlatte rudi at constantly.at
Tue Apr 22 16:11:19 UTC 2008

Zach Beane <xach at xach.com> writes:

> Madhu <enometh at meer.net> writes:
>> * Zach Beane <m37ierik0t.fsf at unnamed.xach.com> :
>> Wrote on Mon, 21 Apr 2008 06:23:30 -0400:
>> |> Besides, not only is it not complicating things, it is The Right Thing
>> |> To Do.
>> |
>> | I don't think you should stop there. There is a dangerous file named
>> | swank.lisp that is loaded by the lisp and slime.el is loaded by
>> | emacs. An attacker thwarted by your ChangeLog fix could still modify
>> | any of those files and take over your computer when you start slime!
>> See <URL:http://permalink.gmane.org/gmane.lisp.slime.devel/7300>
>> upthread in this thread where I explained why swank.lisp and slime.el
>> are not a problem.
> I saw it. Count me as one of the unpersuaded.

AOL.  We're talking about an attacker who can somehow modify or
replace the Changelog file, but who cannot modify or replace
swank.lisp or slime.el sitting right next to it in the same directory.

An argument in support of binding read-eval to nil around read in this
specific case could still be made: that an inexperienced coder
browsing the slime sources would learn about *read-eval* that way.


More information about the slime-devel mailing list