Hi everyone!
So, here is my proposed enhancement to swank (see patch-file in the
attachment).
The idea is, that executing arbitrary code on the lisp core, which swank
allows by default, is not always
desirable.
Hence, patch does following things:
1) Add SWANK::*READER* variable, which, when bound to a function when
calling SETUP-SERVER, causes
this function to be used when reading forms in SWANK-RPC::READ-FORM
2) SWANK::DISPATCH-EVENT's DESTRUCTURING-CASE is substituted by more
flexible lookup in the hashtable.
If SWANK::*VALID-RPC* list is bound to new value when calling
SETUP-SERVER, then in this particular
server only those new RPC's will be active.
1st change is useful, I think, not only for securing the reader in a way
that I did in my CL-SECURE-READ system,
but also if you actually want learn SWANK talk some non-s-exp-based
protocol.
So, what do you think?
Yours sincerely,
Alex