[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DSO-style FFI

From: Ted Zlatanov
Subject: Re: DSO-style FFI
Date: Fri, 18 Oct 2013 09:31:28 -0400
User-agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux)

On Sat, 12 Oct 2013 14:55:26 -0400 Stefan Monnier <address@hidden> wrote: 

>> The problems I see are A) that it would be trivial to use such an
>> interface to crash or subvert emacs from elisp,

SM> This is a fundamental property of anything that lets gives access to
SM> "any" library.  DSO or FFI is in the same boat.  IOW, if we really
SM> consider it as too dangerous, then we can't provide anything related to
SM> an FFI or dynamic loading of code.

This is where package signing becomes important.  We can require two
signatures from two separate reviewers for high-risk packages.

>> and B) that such a binding will allow people to write non-free
>> extensions to Emacs in just the way that RMS has specifically stated
>> that he would like to avoid.

SM> Presumably we can prevent it by checking (before loading the library)
SM> that the library is compatible with the GPL (following the scheme
SM> designed originally for gcc).

This can be declared by the author in the packaging.  Do we need to spend
time on an elaborate scheme that can be trivially subverted?  Or are
there other concerns I'm not getting?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]