Greetings! In principle you are right, but in practice things are far safer. Remember that shortly we will spawn these sockets or similar preconnected and with no tcp/ip connection routines at all -- what we are playing with now as an early indicator of parallel GCL was really designed to allow one to write lisp internet server functions, specifically, axiom wants to serve up its documentation from within lisp to a web browser. So with that inevitably comes the security issue.
One can attempt to restrict connections within the function itself, but most typically this is done at the kernel level by the system administrator. The chances that any decent system would silently open these ports to the internet is virtually nil I'd think these days. One has to explicitly open a hole in whatever firewall one has guarding the system to get this sort of access. For example, for your host from here: telnet (your host) 1927 Trying (your ip)... telnet: Unable to connect to remote host: Connection refused A useful tool is nmap -- it can tell you which ports are accessible from any host outside your machine. I'd wager that on any machine you'd run across, the only ports open to incoming connections from the internet are a few (~ 10) well selected ones below 1000, i.e. governed by root/sysadmin. We can confirm this if you are concerned. Take care, Robert Boyer <[EMAIL PROTECTED]> writes: > It seems to me that executing something such as (start-eval-server) opens a > user up to maximal security disruption. > > For example, can't anyone then do something like (e (delete-file "bar.lisp")) > to delete a file from anywhere on the internet? > > Creating such a giant security hole seems to me very, very serious. But > maybe I am missing something big. > > Bob > > ------------------------------------------------------------------------------- > > (defun start-eval-server () > (si::socket > 1927 > :server > #'(lambda (s) > (prin1 (eval (read s nil 10)) s) > (write-char #\Newline s) > (force-output s) > (bye)) > :daemon t)) > > (defun e (x) > (let ((s (si::socket 1927 :host "(your host)"))) > (prin1 x s) > (write-char #\Newline s) > (force-output s) > (loop while (not (listen s)) do (sleep 1)) > (prog1 (read s nil 'eof) (close s)))) > > > -- Camm Maguire [EMAIL PROTECTED] ========================================================================== "The earth is but one country, and mankind its citizens." -- Baha'u'llah _______________________________________________ Gcl-devel mailing list Gcl-devel@gnu.org http://lists.gnu.org/mailman/listinfo/gcl-devel
