On Mon, 29 Aug 2005 11:06:16 +0200, mkoeppe+slime@mail.math.uni-magdeburg.de wrote:
"Marco Baringer" mb@bese.it writes:
lgorrie@common-lisp.net (Luke Gorrie) writes:
- slime.el (slime-enable-evaluate-in-emacs): New variable.
- (evaluate-in-emacs): Security improvement: If
- slime-enable-evaluate-in-emacs is nil (the default), don't
- evaluate forms sent by the Lisp.
what is the security risk (which isn't already present just by having slime connected) which evaluate-in-emacs adds?
The Lisp program could reside on an untrusted host. It should not be allowed to execute arbitrary code on the host where Emacs runs.
The kind of connections you've already made by the time this is important put you into much deeper trouble with a compromised host.
If you don't trust the other end, you shouldn't be doing any host interaction beyond delivering files. If you don't trust the other end, you shouldn't be using an important user account, but rather a throw-away user account, to deal with an untrusted host. I see no additional value here.