Re: Could somebody use SCSH, Sheme, or Lisp to create the "Lispm" architecture.

[Joe Marshall <jrm@ccs.neu.edu>]

bear@sonic.net writes:

> A modern LispM would face a very different environment in terms of 
> what type of users it was available to. Given the new motivations 
> of users and developers, and would need much different defenses 
> against malicious users and malicious code.  I think the separate 
> memory spaces and permission controls of a UNIX type system are an 
> absolute minimum for anything that's going to be connected to the 
> net these days.  Buffer overruns and stack screws can't happen in 
> LISP, but if you put something on the net, it will have to deal 
> with all the hostility that anyone can throw at it. 

www.whitehouse.gov was running CL-HTTP on a Symbolics machine
*outside* the firewall for many years.  It was never broken into and
not for lack of trying.

It is true that the vast majority of crackers and script kiddies
wouldn't know where to begin to attack the server, and presumably the
vulnerabilities would be better known if the hardware and software
were more popular, but the immediate evidence indicates that a LispM
running CL-HTTP in a shared address space is far more secure than your
average Apache or IIS installation running in a separate one.