[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to communicate with a running external process with
From: |
Thorsten Jolitz |
Subject: |
Re: How to communicate with a running external process with |
Date: |
Wed, 24 Jul 2013 08:34:44 +0200 |
User-agent: |
Gnus/5.130002 (Ma Gnus v0.2) Emacs/24.3 (gnu/linux) |
"Pascal J. Bourguignon" <pjb@informatimago.com> writes:
> Thorsten Jolitz <tjolitz@gmail.com> writes:
>> I did not mean Common Lisp, but there is a Swank implementation for my
>> Uncommon Lisp of interest, and it did not occur to me to consider it -
>> so thanks for this marvelous tip!
>
> So just loading swank in that other lisp, and starting a swank sever:
>
> (swank:create-server :port 4005) ; in CL
>
> you can then connect to it from emacs with M-x slime-connect RET RET RET
>
> You can even do some kind of "RPC" (Remote Procedure Call) in both
> directions (trivial from slime, have a look at [1] to evaluate emacs lisp
> expressions from the other lisp).
>
> [1]: http://paste.lisp.org/display/22414
Thats nice.
One headache is the security aspect, though.
On
[[http://stackoverflow.com/questions/309440/lisp-in-a-box-why-is-it-starting-a-server][stackoverflow]]
someone asked the questions that came immediately to my mind too when
thinking about starting a swank-server from a Lisp process that runs a
long-running production webserver:
,-------------------------------------------------------------------------
| Slime was meant to interface with a Swank server, which allows for
| debugging and patching a live, long-running process on-the-fly, correct?
| Isn't this dangerous? I certainly wouldn't want to just write and
| execute code on-the-fly, on a production web server, potentially causing
| it all to crash. – Cybis Nov 21 '08 at 22:18 1
|
| Furthermore, isn't this a security issue? Anyone could connect to the
| process and execute arbitrary LISP code. Why wouldn't there by some sort
| of authentication/authorization mechanism for this, if that's what swank
| was meant for? – Cybis Nov 21 '08 at 22:20
`-------------------------------------------------------------------------
There seems to be authentication via a slime-secret file, but otherwise a
connected user could execute arbitrary LISP code on the swank-server, right?
--
cheers,
Thorsten
Message not available