libera/#commonlisp - IRC Chatlog
Search
6:22:40
^[
leo_song: It depends on your threat model. Some might argue that it's not safe to run Quicklisp anywhere, because it doesn't use TLS or verify downloaded packages.
6:43:08
pjb
leo_song: what is not safe is to execute code that you haven't checked and validated. So ftp+asdf can be as unsafe as quicklisp, if you don't add an audit in the middle.
6:44:00
pjb
leo_song: now arguably, quicklisp doesn't have an audit hook between transfer and asdf (and asdf itself is already executing code from the asd file), so quicklisp is fundamentaly more unsafe than ftp+audit+asdf.
6:45:38
pjb
leo_song: the security model adopted here is the herd security. You just keep your ear open, and listen if somebody else has had a problem. And you'll react in that case. But it may be you… https://www.youtube.com/watch?v=Q2KwRPtEjco
6:50:01
moon-child
I guess the specific concern (given public wifi) is mitm. The question then is whether asdf uses a secure transport layer and/or does signature checking
7:44:55
kakuhen
but this time it's for a really reason: turns out the placement of your assets folder matters A LOT if you use cl-sdl2... the wrong placement of the binary will give you "unrecoverable stack overflow error" and drop you to the kernel debugger