Robert Marlow writes:
On Sun, 2005-02-20 at 10:36 +0100, Luke Gorrie wrote:
- We should fix some authentication on the socket connection to remove security considerations (if someone else connects to Lisp before Emacs; see top of PROBLEMS file)
Thoughts?
Good point on 3. The Debian security team may complain about that :) I think this could be fixed by generating something random with M-x SLIME and using it as a key for create-server. I can whack that together and submit a patch if that's all that's required.
I think this would be sufficient to solve the big gaping security hole, and is probably the best portable solution. What would be even nicer would be additional support for Unix-domain sockets. If create-server could be passed a pathname specifier, or even an existing socket, it would make administrative access to Lisp servers nicer. Eg, I have a server running an SBCL image that's running both Araneida and SWANK. It would be nice if SWANK listened on a socket that only users in the webadmin group could connect to, instead of the ugly ugly hack I have now.