[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Guile REPL Server
|
From: |
Jonas Hahnfeld |
|
Subject: |
Re: Guile REPL Server |
|
Date: |
Thu, 19 May 2022 09:50:25 +0200 |
|
User-agent: |
Evolution 3.44.1 |
On Thu, 2022-05-19 at 09:39 +0200, Jean Abou Samra wrote:
> Le 19/05/2022 à 09:28, Jonas Hahnfeld via LilyPond user discussion a écrit :
> > As you can see, the REPL itself works just fine. What does not work is
> > the REPL server because we disable all networking functionality in our
> > Guile build. Here I'm even more hesitant to change direction because
> > everything interfacing with network is security-sensitive...
>
> I am not understanding this concern given that we already give
> full control on the file system and the ability to run external
> commands ... ?
Which is all local and / or can be confined. If the official binaries
allow opening arbitrary server ports and exposing REPLs, this opens the
door for "shellcode" attacks. I don't want to see this happen by
abusing LilyPond.
> If it's about the -dsafe mode, we can talk about that privately.
I don't see what should be talked about privately. If there is
something to discuss, do it on the mailing list.
signature.asc
Description: This is a digitally signed message part
- Re: Guile REPL Server, (continued)
- Re: Guile REPL Server, Hendursaga, 2022/05/17
- Re: Guile REPL Server, Jonas Hahnfeld, 2022/05/19
- Re: Guile REPL Server, Jean Abou Samra, 2022/05/19
- Re: Guile REPL Server, Jonas Hahnfeld, 2022/05/19
- Re: Guile REPL Server, David Kastrup, 2022/05/19
- Re: Guile REPL Server, Omid Mo'menzadeh, 2022/05/19
- Re: Guile REPL Server, David Kastrup, 2022/05/19
- Re: Guile REPL Server, Jonas Hahnfeld, 2022/05/19
Re: Guile REPL Server, Jonas Hahnfeld, 2022/05/19