From: Andy Wingo
Newsgroups: gmane.lisp.guile.devel
Subject: guile --listen
Date: Sun, 10 Oct 2010 21:01:32 +0200
To: guile-devel

Hello all,

I implemented a module, (system repl server), which exports routines to listen on a socket for connections, and serve repls to clients, one thread per client. The server can also be in a different thread.

I set the default socket type to TCP (on localhost only), and the default port to be 37146. It sort of looks like "GUILE" if you look at it upside down. But it's many digits, so if anyone has a different preferred default port we can change that.

Now, to step somewhat more controversially... I added a command-line option to Guile, --listen, which will cause Guile to listen on a socket while it is running. You can --listen=1234 to set a specific port, or --listen=/tmp/foo-socket to use a unix domain socket (though currently we don't clean up that socket, which is probably a bug) or just --listen to listen on localhost:37146.

The point is to allow any Guile program to easily add a backdoor. Of course it's amusing to be able to "nc localhost 37146" and get a repl, but I figured it will be best with Jao's Geiser emacs mode (http://www.nongnu.org/geiser/). You can just tell emacs to connect to a given port and there you are, hacking on your web server. With a suitable SSH tunnel you could hack on your live web server that way.

Security-wise, using a localhost address can result in local users being able to do anything your process can do, but for some use cases that's OK. Presumably you are using some restricted user or something, and if people have a local user I'm sure there's myriad kernel holes that are more interesting than a Guile shell. Anyway, it's off by default, so it shouldn't matter.

With Unix domain sockets you can do more permissions-type stuff, but I'm not sure if Emacs' comint works with unix sockets.

Anyway, that's the deal. Carp now if the whole idea is offensive to you, and perhaps we can take out the command-line arg. It would be nice to be able to make any long-running Guile application hackable just with a command-line argument, though :)

Cheers,

Andy
-- 
http://wingolog.org/
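The message contrasts a localhost TCP listener, reachable by every local user, with a Unix domain socket that can carry file permissions, and notes that the socket file is not cleaned up. The following is an added illustration of those two points in Python; it is not Guile's code and not part of the original message. The function names and the `repl.sock` file name are hypothetical, and `SO_PEERCRED` is Linux-specific.

```python
import os
import socket
import struct
import tempfile
from contextlib import contextmanager

@contextmanager
def private_unix_listener(name="repl.sock"):
    """Yield (listening socket, path); owner-only, removed on exit."""
    directory = tempfile.mkdtemp(prefix="repl-")  # mkdtemp creates it 0700
    path = os.path.join(directory, name)
    server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old_umask = os.umask(0o177)                   # socket node is created 0600
    try:
        server.bind(path)
    finally:
        os.umask(old_umask)
    server.listen(1)
    try:
        yield server, path
    finally:
        server.close()
        os.unlink(path)       # remove the stale socket file on shutdown
        os.rmdir(directory)

def peer_uid(conn):
    """Uid of the connected peer via SO_PEERCRED (Linux-specific)."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("iII"))
    _pid, uid, _gid = struct.unpack("iII", raw)   # struct ucred: pid, uid, gid
    return uid

def accept_owner_only(server):
    """Accept one connection; keep it only if the peer has our own uid."""
    conn, _ = server.accept()
    if peer_uid(conn) != os.getuid():
        conn.close()
        return None
    return conn

def demo():
    """Connect to our own listener; return (mode, accepted, cleaned_up)."""
    with private_unix_listener() as (server, path):
        mode = os.stat(path).st_mode & 0o777
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client:
            client.connect(path)   # completes against the listen backlog
            conn = accept_owner_only(server)
            accepted = conn is not None
            if accepted:
                conn.close()
    return mode, accepted, not os.path.exists(path)
```

On Linux, connecting to a Unix domain socket requires write permission on the socket file and search permission on its directory, so the 0700 directory and 0600 socket keep other local users out before the peer-uid check is ever reached.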