[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DSO-style FFI

From: Stefan Monnier
Subject: Re: DSO-style FFI
Date: Sat, 19 Oct 2013 10:41:08 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)

>>>>> "Ted" == Ted Zlatanov <address@hidden> writes:

> On Sat, 12 Oct 2013 14:55:26 -0400 Stefan Monnier <address@hidden> wrote: 
>>> The problems I see are A) that it would be trivial to use such an
>>> interface to crash or subvert emacs from elisp,

SM> This is a fundamental property of anything that lets gives access to
SM> "any" library.  DSO or FFI is in the same boat.  IOW, if we really
SM> consider it as too dangerous, then we can't provide anything related to
SM> an FFI or dynamic loading of code.

> This is where package signing becomes important.  We can require two
> signatures from two separate reviewers for high-risk packages.

>>> and B) that such a binding will allow people to write non-free
>>> extensions to Emacs in just the way that RMS has specifically stated
>>> that he would like to avoid.

SM> Presumably we can prevent it by checking (before loading the library)
SM> that the library is compatible with the GPL (following the scheme
SM> designed originally for gcc).

> This can be declared by the author in the packaging.  Do we need to spend
> time on an elaborate scheme that can be trivially subverted?  Or are
> there other concerns I'm not getting?

> Ted

reply via email to

[Prev in Thread] Current Thread [Next in Thread]