From: Andy Wingo <wingo@pobox.com>
To: guile-devel <guile-devel@gnu.org>
Subject: guile --listen
Date: Sun, 10 Oct 2010 21:01:32 +0200
Message-ID: <m339sdg9df.fsf@unquote.localdomain>

Hello all,

I implemented a module, (system repl server), which exports routines to
listen on a socket for connections, and serve repls to clients, one
thread per client. The server can also be in a different thread.

I set the default socket type to TCP (on localhost only), and the
default port to be 37146. It sort of looks like "GUILE" if you look at
it upside down. But it's many digits, so if anyone has a different
preferred default port we can change that.

Now, to step somewhat more controversially... I added a command-line
option to Guile, --listen, which will cause Guile to listen on a socket
while it is running. You can --listen=1234 to set a specific port, or
--listen=/tmp/foo-socket to use a unix domain socket (though currently
we don't clean up that socket, which is probably a bug) or just --listen
to listen on localhost:37146.

The point is to allow any Guile program to easily add a backdoor. Of
course it's amusing to be able to "nc localhost 37146" and get a repl,
but I figured it will be best with Jao's Geiser emacs mode
(http://www.nongnu.org/geiser/). You can just tell emacs to connect to a
given port and there you are, hacking on your web server. With a
suitable SSH tunnel you could hack on your live web server that way.

Security-wise, using a localhost address can result in local users being
able to do anything your process can do, but for some use cases that's
OK. Presumably you are using some restricted user or something, and if
people have a local user I'm sure there are myriad kernel holes that are
more interesting than a Guile shell. Anyway, it's off by default, so it
shouldn't matter.

With Unix domain sockets you can do more permissions-type stuff, but
I'm not sure if Emacs' comint works with unix sockets.

Anyway, that's the deal. Carp now if the whole idea is offensive to you,
and perhaps we can take out the command-line arg. It would be nice to
be able to make any long-running Guile application hackable just with a
command-line argument, though :)

Cheers,

Andy
-- 
http://wingolog.org/
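One way to use the module described above while keeping the REPL reachable only by the user who owns the process, as an added example that is not code from this message or from the Guile tree. It assumes the procedure names exported by the (system repl server) module in the later Guile 2.x manual (make-unix-domain-server-socket, spawn-server, stop-server-and-clients!), which may differ from the 2010 development version, and the core exit-hook; the directory name is a placeholder.

```scheme
;; Added example (not from the message): serve the REPL on a Unix-domain
;; socket inside an owner-only directory, so only the same local user can
;; connect, and remove the socket file on exit.
(use-modules (system repl server))

(define (start-private-repl-server dir)
  ;; Owner-only directory: on systems that ignore the mode bits of the
  ;; socket file itself, the directory mode is what blocks other users.
  (unless (file-exists? dir)
    (mkdir dir #o700))
  (let ((path (string-append dir "/repl.sock"))
        (old-umask (umask #o077)))
    ;; Refuse to clobber an existing socket; let the caller decide.
    (when (file-exists? path)
      (error "socket path already exists, refusing to clobber it:" path))
    ;; The socket file is created (bound) with the tightened umask and the
    ;; previous umask is restored whatever happens.
    (dynamic-wind
      (lambda () #t)
      (lambda ()
        (spawn-server (make-unix-domain-server-socket #:path path)))
      (lambda () (umask old-umask)))
    ;; Tear down the server and the socket file on normal exit (the
    ;; message notes the file is otherwise left behind).
    (add-hook! exit-hook
               (lambda ()
                 (stop-server-and-clients!)
                 (when (file-exists? path)
                   (delete-file path))))
    ;; Sanity check: the socket file must not be group- or world-accessible.
    (let ((perms (logand (stat:perms (stat path)) #o077)))
      (unless (zero? perms)
        (error "socket has unexpected permissions:" perms)))
    path))

;; Usage (assumed location; any private directory of the running user works):
;; (start-private-repl-server (string-append (getenv "HOME") "/.my-app"))
;; then point Geiser, or any Unix-socket capable client, at the returned path.
```

Linux enforces the socket file's own mode bits on connect, but POSIX leaves that unspecified and some systems do not, so the owner-only parent directory is the portable control; the umask change is belt and braces on top of it. The permission check at the end is there so a too-loose umask or an unexpected filesystem fails loudly instead of quietly exposing the REPL.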



Thread overview:
2010-10-10 19:01 Andy Wingo [this message]
2010-10-11 20:12 ` guile --listen Ludovic Courtès
2010-10-11 21:05   ` Andy Wingo
2010-10-12  8:47 ` Thien-Thi Nguyen
2010-10-12  9:40   ` Andy Wingo
2010-10-12  9:52   ` Ludovic Courtès