[Haskell-cafe] Maintaining lambdabot
Jason Dagit
dagitj at gmail.com
Fri Mar 15 22:45:40 CET 2013
On Fri, Mar 15, 2013 at 9:19 AM, James Cook <mokus at deepbondi.net> wrote:
> On Mar 14, 2013, at 11:08 PM, Jason Dagit <dagitj at gmail.com> wrote:
>
> > My real reason for reviving this thread: Can I get a status update,
> please?
>
> Sure. I don't have as much time as I'd like these days for open-source
> projects, but with Jan's help the code has been cleaned up quite a bit in
> general, and a lot of old bit-rot has been fixed. I have not specifically
> addressed security yet, but it's not as dire a situation as I think it
> sounded from my earlier remarks.
>
> Basically, security is currently a bit "DIY". If there are any holes,
> they are probably quite subtle because there are very, very few moving
> parts on lambdabot's side. mueval and Safe Haskell are used to enforce
> resource limitations and type-safety, respectively, but -fpackage-trust is
> not (yet) turned on. So all packages installed on the system are available
> for the interpreted code (if imported using a command such as "@let import
> Foo.Bar"), as long as Safe Haskell permits. This is the main potential
> security hole - the system may have modules installed and marked
> "Trustworthy" that the administrator has not explicitly decided whether to
> trust, and which are not, in fact, as safe as the author asserts.
> Currently, lambdabot trusts such packages. My intention is to add some
> commands (available only to lambdabot admins) or maybe a static
> configuration option for managing a list of packages to explicitly trust,
> with all others being untrusted.
>
> And of course, for a "production" system an OS-enforced sandbox is a great
> idea no matter how secure you believe the code do be.
>
> Aside from that caveat, I think that the code could be put on hackage
> today and I'd have few, if any, reservations about it.
>
I haven't been following the thread closely. Is there also a github? If so,
where? Some of us figured out a bug fix for the quotes plugin and I'll send
a pull request if I get a chance.
Thanks for the update,
Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.haskell.org/pipermail/haskell-cafe/attachments/20130315/441c00d1/attachment.htm>
More information about the Haskell-Cafe
mailing list