From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED!not-for-mail
From: "Thompson, David" <dthompson2@worcester.edu>
Newsgroups: gmane.lisp.guile.user,gmane.lisp.guile.devel
Subject: Re: Guile security vulnerability w/ listening on localhost + port
	(with fix)
Date: Wed, 12 Oct 2016 12:11:30 -0400
Message-ID: <CAJ=RwfYToxpvz06wK+ksHBvgSwZ-pEBadR7G4v+Y7ycgEfYr=A@mail.gmail.com>
References: <87k2dfc7dd.fsf@dustycloud.org>
	<1476287379.10369.22.camel@gmail.com>
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Trace: blaine.gmane.org 1476288746 14693 195.159.176.226 (12 Oct 2016 16:12:26 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Wed, 12 Oct 2016 16:12:26 +0000 (UTC)
Cc: Guile User <guile-user@gnu.org>, guile-devel <guile-devel@gnu.org>
To: Nala Ginrut <nalaginrut@gmail.com>
Original-X-From: guile-user-bounces+guile-user=m.gmane.org@gnu.org Wed Oct 12 18:12:22 2016
Return-path: <guile-user-bounces+guile-user=m.gmane.org@gnu.org>
Envelope-to: guile-user@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by blaine.gmane.org with esmtp (Exim 4.84_2)
	(envelope-from <guile-user-bounces+guile-user=m.gmane.org@gnu.org>)
	id 1buM8c-0002Hx-JR
	for guile-user@m.gmane.org; Wed, 12 Oct 2016 18:12:14 +0200
Original-Received: from localhost ([::1]:34582 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <guile-user-bounces+guile-user=m.gmane.org@gnu.org>)
	id 1buM8c-0004rN-B1
	for guile-user@m.gmane.org; Wed, 12 Oct 2016 12:12:14 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:37791)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <dthompson2@worcester.edu>) id 1buM7x-0004nq-EB
	for guile-user@gnu.org; Wed, 12 Oct 2016 12:11:34 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <dthompson2@worcester.edu>) id 1buM7w-00055M-E1
	for guile-user@gnu.org; Wed, 12 Oct 2016 12:11:33 -0400
Original-Received: from mail-qk0-x232.google.com ([2607:f8b0:400d:c09::232]:34439)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <dthompson2@worcester.edu>) id 1buM7w-000556-96
	for guile-user@gnu.org; Wed, 12 Oct 2016 12:11:32 -0400
Original-Received: by mail-qk0-x232.google.com with SMTP id f128so37974209qkb.1
	for <guile-user@gnu.org>; Wed, 12 Oct 2016 09:11:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=worcester-edu.20150623.gappssmtp.com; s=20150623;
	h=mime-version:in-reply-to:references:from:date:message-id:subject:to
	:cc; bh=y/dygVci92nQDn/r0L1FDtN1Jce9bTuRy7tjnlg33tE=;
	b=VQXXjRGo0rZY0u7N9qpt9rv3c1L/DQNYam2oyGxtVOWCe/uVUwcrTqNZR8R+IRroSf
	mbqyNfgFFEoQEp7c+GNKoW39U/jJ4dIU2NcLhaF9Ja/MTHHsrkVH8g5XsFXK7XeCmcb7
	oKftyjb2M9w6g7F4xf32awHs3st833PTXuVmARUB68VeGd9o5l40pFlQu0m4Z+r+g+xT
	mJp8zgntTTcQr4WbrJqbVxwWtd17WVH9+2uI9QJ3K6MVDqOEhpeyR9OG7miUzyTSiXwn
	Id5DcT+DtTKHK+EGMLgpX59Hp/LIA6WzL83UdrEHUZGYj0r38kaF2czQDSnlbQmgsEuk
	PZZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:in-reply-to:references:from:date
	:message-id:subject:to:cc;
	bh=y/dygVci92nQDn/r0L1FDtN1Jce9bTuRy7tjnlg33tE=;
	b=bR7RnG4/h3ePWyk9Y3NuAghnE9xnhKJ6OsFsBHDSC93htRn9/lfUwqxsqu2hxRFAG5
	0TSh0PQR/tC4QqH6LG6Oa2AZM3Mpt09lje10PsbJwqHu1YplvP6AskN2OKDD/sE9wJQG
	zG/XwVsUbvdnPZIT+s4IADK/nxONd4OxJTgjBkbPvyVc1eKSaheepsXF2fUg7x9hojlQ
	ufdSL3dHvY/6STUUKKbRMXaEUtf5FRkbP7AB7xnQDCiIs6oqTvE6rudk1EEC8AYhWm5G
	tEDeQRFkYKQVoz1l+M3CJMXjBEEG9AwsXH6bV3jyoGAbARV1OoiTPJxjYI+qC3eASS5l
	RPpA==
X-Gm-Message-State: AA6/9RmepkpG9/imG+KbQtNWH8+j8YMCglRFii21E8KtnbWYvGudSogO4q+NyK6DDVWISudRrS9u223QMBIn7Ulp
X-Received: by 10.55.215.151 with SMTP id t23mr1831915qkt.199.1476288691343;
	Wed, 12 Oct 2016 09:11:31 -0700 (PDT)
Original-Received: by 10.55.43.34 with HTTP; Wed, 12 Oct 2016 09:11:30 -0700 (PDT)
In-Reply-To: <1476287379.10369.22.camel@gmail.com>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2607:f8b0:400d:c09::232
X-BeenThere: guile-user@gnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: General Guile related discussions <guile-user.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guile-user>,
	<mailto:guile-user-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guile-user/>
List-Post: <mailto:guile-user@gnu.org>
List-Help: <mailto:guile-user-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guile-user>,
	<mailto:guile-user-request@gnu.org?subject=subscribe>
Errors-To: guile-user-bounces+guile-user=m.gmane.org@gnu.org
Original-Sender: "guile-user" <guile-user-bounces+guile-user=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.lisp.guile.user:12942 gmane.lisp.guile.devel:18718
Archived-At: <http://permalink.gmane.org/gmane.lisp.guile.user/12942>

On Wed, Oct 12, 2016 at 11:49 AM, Nala Ginrut <nalaginrut@gmail.com> wrote:

> But maybe we should provide both just like what php-fpm does? And let users
> choose which one to use, localhost:port or unix socket.

This is what Guile already does.

- Dave