freenode/#lisp - IRC Chatlog
8:01:30
flip214
will ELS submissions end today? Then I could start reviewing papers -- last time new versions got in after I had read initial versions...
8:02:10
beach
It should end today, but I think the authors have the right to upload modified versions later.
12:03:12
splittist
margaritamike: not really, no. This is one of the benefits of First-Class Global Environments that is (kinda) part of the SICL project.
12:07:24
splittist
The wikipedia definition seems to make clear that this is an OS concern (where the jvm and clr and os-a-likes).
12:13:50
splittist
margaritamike: I think it goes like this. A CL image contains an evaluator and a compiler (EVAL and COMPILE). The compiler is necessary for important parts of the system - like CLOS - to operate, so you can't just rip it out. If the untrusted user has access to the compiler, then they can (eventually) do anything, regardless of what you have taken out of the environment to begin with.
12:14:49
splittist
Having multiple First Class Global Environments would allow the system to have access to COMPILE (and co) - via one environment - while not allowing the untrusted user to have access - via another environment.
12:18:06
margaritamike
You can't do something like say this lisp program can't write to file or use sockets in a security file?
12:20:06
splittist
As I said - that's an OS thing. Perhaps ABCL would work with the java stuff. Otherwise, use a vast network of containers like everyone does for everything these days (:
12:25:56
margaritamike
Say you've set your restrictions in Java and you add in a dependency that uses java.net.SocketPermission whereas that was previously restricted
12:27:25
margaritamike
It would be good to catch that with a security policy before it has a chance to execute during runtime or whatever
12:32:38
margaritamike
You have a lisp library you bring in from ql:quickload. Unknowingly, it does something malicious
12:33:11
margaritamike
You don't have the time, and probably not the skill either, to read and understand every line of code from the library
12:34:29
margaritamike
Until you read every line of the library's code or notice something strange one day?
12:39:30
splittist
How could it be any other way? You are including source code. You are basically asking someone else to type your program.
12:39:48
dim
you need capabilities for this kind of security, and you give capabilities to programs, with a very restricted default set
12:40:13
dim
also read this famous “Trusting Trust” paper from Thompson from back in the days, still relevant today
12:44:03
splittist
Common Lisp the language obviously can't do this, since it is a systems issue. Secure Common Lisp, which keeps track of which code comes from which set of source files and provides fine-grained access control to OS and other program resources based on this tracking.
13:50:48
Jachy
I wish for everyone who read the "trusting trust" paper they'd also read the newer "fully countering trusting trust through diverse double-compiling" paper.
13:53:06
lieven
nowadays you also need to worry about the backdoors to the CPU and the motherboard chipset
14:08:23
lieven
ebrasca: it's hard to prove anything backdoor free without checking the cpu wafer with an electron microscope to see if it conforms to the chip design and then verify your way up :)
14:09:44
lieven
and I guess, pace trusting trust, you would have to verify the working of the electron microscope too
14:17:38
xsperry
how can I get natural sort order in cl? is there a built-in for this, or do I have to write it myself?
14:20:54
beach
xsperry: You probably need to write it yourself. It doesn't look very "natural" to me.
14:27:53
nirved
xsperry: maybe you should first search for it? https://stackoverflow.com/questions/27307660/how-to-implement-natural-sort-in-common-lisp
14:29:35
xsperry
sometimes it takes 10 seconds. other times, you can't find what you want in 10 hours
14:30:32
xsperry
10 second searches often don't lead to correct code, btw. for all I knew, maybe alexandria or similar library already has battle tested version
15:37:33
dlowe
Prototyping is when you create a test for an idea with the idea that you will throw it away once it answers your question.
15:41:19
pfdietz
And then management says "don't throw that away, turn it into a shipping product. How hard could that be?" And the pain starts.
15:45:00
flip214
so it's a good idea to prototype in Lisp, so that turning it into a product isn't as painful as in other Languages[sic] ;)
15:55:22
trafaret1
Are there people who develop lisp programs which automatically write code in other languages?
15:57:23
pfdietz
Although there's a larger market for reverse engineering. For forward engineering, there are barriers to adding unproven and immature tools to the build process.
16:35:33
beach
pfdietz: Am I understanding it correctly that you are referring to some hypothetical Lisp program as such an unproven and immature tool?
16:36:48
verisimilitude
To address what you wrote, margaritamike, I do audit libraries before I use them. I consider anything else foolhardy.
16:43:38
dlowe
ebrasca: lisp arrays are pretty bad for this. Have you tried using alien structure definitions over a mmaped block?
16:45:42
pfdietz
code generation is bad if the generated code has to be maintained by itself, and is at all obfuscated.
16:47:03
pfdietz
If the code generator is kept as part of a build process it has to be integrated with it, which is expensive.
17:11:37
Bike
If a class has a slot with an initform, there's no way to specify in the definition of a subclass that its version of that slot shouldn't have an initform (i.e. should be left unbound), is there?
17:13:02
easye
For Minecraft, I guess I can go with one of the History categories since it involves summarizing a fair amount of oral culture around decompiling the "open" server jar.