On Tue, 2016-10-11 at 09:01 -0500, Christopher Allan Webber wrote: > The Guile team has just pushed out a new commit on the Guile stable-2.0 > branch addressing a security issue for Guile. There will be a release > shortly as well. The commit is > 08c021916dbd3a235a9f9cc33df4c418c0724e03, or for web viewing purposes: > > http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=08c021916 > dbd3a235a9f9cc33df4c418c0724e03 > > Due to the nature of this bug, Guile applications themselves in general > aren't vulnerable, but Guile developers are. Arbitrary scheme code may > be used to attack your system in this scenario. > > There is also a lesson here that applies beyond Guile: the presumption > that "localhost" is only accessible by local users can't be guaranteed > by modern operating system environments. If you are looking to provide > local-execution-only, we recommend using unix domain sockets or named > pipes. Don't rely on localhost plus some port. >
Indeed, I've considered to do so in Artanis too. But maybe we should provide both just like what php-fpm does? And let users choose which one to use, localhost:port or unix socket.