From: Ted Zlatanov
Newsgroups: gmane.emacs.devel
Subject: Re: Emacs RPC
Date: Sun, 24 Apr 2011 20:21:41 -0500
Message-ID: <87pqobgm6y.fsf@lifelogs.com>
References: <874o5ny2cw.fsf@stupidchicken.com>
To: emacs-devel@gnu.org

On Sun, 24 Apr 2011 20:00:55 +0200 Lars Magne Ingebrigtsen wrote:

LMI> Originally I was thinking a string (since that's what emacsclient does),
LMI> but I now feel that a Lisp form would be more useful and RPC-ey, and I
LMI> think the return value should also be a Lisp form.

LMI> That is, you'd say

LMI> (server-eval-at "foo" '(+ 1 2))

LMI> and get back

LMI> 3

LMI> That is, `server-eval-at' will do a `read-from-string' on the output it
LMI> gets back from the server, basically.

LMI> Perhaps `eval-at' would be a better name, though?

Please, please implement this securely from the start. emacsclient is terribly insecure and we don't need to repeat that.

The communication itself doesn't have to be secure, only signed.
So the signature could be as simple as an MD5 hash of the data concatenated with a secret, or a full-blown GPG signature.

You could also use the GnuTLS server facilities (very similar to the existing client facilities) to check the certificates mutually and encrypt the connection. Then you don't need signatures on the content. The client has to have a client-side SSL certificate to present to the server, and the server's certificate is checked by the client as well.

Whether you choose to use GnuTLS or something simpler, I hope you agree there should be something better than "just eval some code and trust everyone is good" for this facility.

Ted
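
The signed-request idea from the message above, as an added example that is not part of the original post or of Emacs: a client tags a Lisp form with a keyed hash, and the server checks the tag before anything reaches eval. It uses HMAC-SHA256 in place of the MD5-plus-secret concatenation mentioned in the message and adds a nonce so a captured request cannot be replayed; the wire layout, `sign_request`, `Verifier` and the secret value are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed demo secret (assumption). In practice it would be read from a
# file that only the user owning both Emacs instances can access.
SECRET = b"constructed-demo-secret"


def sign_request(form: str, secret: bytes) -> bytes:
    """Client side: build `tag NL nonce NL form` for one Lisp form."""
    nonce = os.urandom(16).hex().encode()
    body = nonce + b"\n" + form.encode("utf-8")
    tag = hmac.new(secret, body, hashlib.sha256).hexdigest().encode()
    return tag + b"\n" + body


class Verifier:
    """Server side: authenticate a request before the form is evaluated."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.seen_nonces = set()  # unbounded here; expire old entries in practice

    def accept(self, wire: bytes):
        """Return the form as text if the request is authentic and new, else None."""
        tag, sep, body = wire.partition(b"\n")
        if not sep:
            return None  # malformed: no tag line
        expected = hmac.new(self.secret, body, hashlib.sha256).hexdigest().encode()
        # Check the tag first, in constant time, so unauthenticated bytes are
        # never parsed or handed to the reader.
        if not hmac.compare_digest(tag, expected):
            return None
        nonce, sep, form = body.partition(b"\n")
        if not sep or nonce in self.seen_nonces:
            return None  # malformed body, or replay of an accepted request
        self.seen_nonces.add(nonce)
        return form.decode("utf-8")


if __name__ == "__main__":
    server = Verifier(SECRET)
    wire = sign_request("(+ 1 2)", SECRET)
    print(server.accept(wire))                               # accepted once
    print(server.accept(wire))                               # replay rejected
    print(server.accept(wire.replace(b"(+ 1 2)", b"(+ 1 3)")))  # tampered
```

The request travels in the clear, matching the "signed, not secret" requirement in the message; confidentiality would need the mutual-TLS option instead.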