[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

A Quicklisp Debian package

On Sat, Dec 24, 2011 at 6:08 AM, Sebastian Tennant
<sebyte at smolny.plus.com> wrote:
> More importantly though, running as root introduces a huge security hole and
> means that we are relying completely on Zach Beane to vet all the code he
> accepts into the Quicklisp distribution.
> I've looked at instructing Quicklisp to simply download libraries, rather than
> downloading them and compiling them (see 'install' versus
> 'install-and-compile') but a number of important Quicklisp librarieshave to be
> compiled at installation time for their dependencies to be correctly handled,
> so compilation is a requirement and I don't think this should be done by a lisp
> image running as root!
> Unless you can convince me otherwise, for this reason alone, I will soon be
> reintroducing the system user.

Fair enough. You make a good point and I agree with you that a
dedicated user account is called for.

> Alternatively, you could try using the standard github collaboration model[2].
> This is probably best if you're going to get more involved (which I hope you
> do).

I must confess I'm more familiar with traditional VCS, but let me
review the instructions and prepare my forked repositories.

> While we're on the subject of workflow, I propose that we move discussion on
> swiqlisp development to github[3] as none of this is Debian specific - swiQlisp
> is the upstream project and at some point one of us should take the lead in
> developing a Debian swiqlisp package.

Agreed, let's continue the discussion there.


Reply to: