Kind of disappointing to see response to this SLIME bug as "overblown and theoretical"

We had to fix this in Guile, and we had demonstration attacks against it. I linked to them... it isn't theoretical.


@cwebber Looking through what I can find, the Guile protocol is just sending forms, which is vulnerable to this attack because it ends up ignoring the GET and other extra bits.

SLIME's protocol is s-expression based, and thus the GET will cause the message to be malformed (and, according to my tests, will cause swank on the CL side to terminate the connection).

I'm not sure this is as serious a vulnerability as it was in Guile.

@carlozancanaro Not sure if this is also you, but happy to see that someone is showing that I am not urgently correct ;)

SLIME seems not as in as bad of a position as Guile was. That's good! Unix domain socket support would still be nice but it appears that from web browsers SLIME isn't as at risk as I thought it was.

Sign in to participate in the conversation
Mastodon for Tech Folks

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!