* Helmut Eller 87d4oov6sk.fsf@lifebook.lan Wrote on Thu, 17 Apr 2008 17:29:31 +0200:
| * Madhu [2008-04-14 07:39+0200] writes: | |> SWANK-LOADER::SLIME-VERSION-STRING calls READ on the first form of the |> ChangeLog file without binding *READ-EVAL* to NIL, which is a potential |> security hole. This minor patch fixes that, to avoid future dire |> advisories... | | We even load user-init files. Isn't that a much more severe security | hole?
User init files are lisp files created by the user and intended to be loaded at startup to customize the system. This is normal and not a security hole.
However ChangeLog files are not lisp files, and not intended to be loaded by the system. The security hole is this: it is not a typical place that one would look for to audit code for safety.
What is your excuse to keep this backdoor mechanism to allow loading of arbitrary code behind the user's back, assuming you can write the ChangeLog file?
-- Madhu