[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to communicate with a running external process with

From: Thorsten Jolitz
Subject: Re: How to communicate with a running external process with
Date: Wed, 24 Jul 2013 08:34:44 +0200
User-agent: Gnus/5.130002 (Ma Gnus v0.2) Emacs/24.3 (gnu/linux)

"Pascal J. Bourguignon" <> writes:

> Thorsten Jolitz <> writes:
>> I did not mean Common Lisp, but there is a Swank implementation for my
>> Uncommon Lisp of interest, and it did not occur to me to consider it -
>> so thanks for this marvelous tip!
> So just loading swank in that other lisp, and starting a swank sever:
>     (swank:create-server :port 4005) ; in CL
> you can then connect to it from emacs with M-x slime-connect RET RET RET
> You can even do some kind of "RPC" (Remote Procedure Call) in both
> directions (trivial from slime, have a look at [1] to evaluate emacs lisp
> expressions from the other lisp).
> [1]:

Thats nice.

One headache is the security aspect, though.

someone asked the questions that came immediately to my mind too when
thinking about starting a swank-server from a Lisp process that runs a
long-running production webserver:

| Slime was meant to interface with a Swank server, which allows for
| debugging and patching a live, long-running process on-the-fly, correct?
| Isn't this dangerous? I certainly wouldn't want to just write and
| execute code on-the-fly, on a production web server, potentially causing
| it all to crash. – Cybis Nov 21 '08 at 22:18 1
| Furthermore, isn't this a security issue? Anyone could connect to the
| process and execute arbitrary LISP code. Why wouldn't there by some sort
| of authentication/authorization mechanism for this, if that's what swank
| was meant for? – Cybis Nov 21 '08 at 22:20

There seems to be authentication via a slime-secret file, but otherwise a
connected user could execute arbitrary LISP code on the swank-server, right?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]