[caplisp-devel] Fwd: [e-lang] "Fixing" the Common Lisp package system
Status: Planning
Brought to you by:
radix42
Menu
▾
▴
[caplisp-devel] Fwd: [e-lang] "Fixing" the Common Lisp package system
|
From: David M. <ra...@gm...> - 2005-09-17 19:19:20
|
Here ya go! -David ---------- Forwarded message ---------- From: Jonathan Rees <ja...@mu...> Date: Aug 26, 2005 6:47 PM Subject: Re: [e-lang] "Fixing" the Common Lisp package system To: Kevin Reid <kp...@at...>, David Mercer <ra...@gm...> (Not cc'ing e-lang for uninteresting reasons related to my incomplete transition to new email client infrastructure. Feel free to forward but change the email address to ja...@mu.... Sorry I haven't followed the whole thread.) I think this is a herculean task. Good luck. There are scores of features in Common Lisp that show abysmal capability discipline. This is one thing that led me to give up on it (I worked on the first Common Lisp implementation, NIL) and do T and Scheme 48 instead. I always had in mind the goal of running multiple mistrusting users in a single address space, which is tantamount to capability security. While this has never happened in a serious way, it would be very easy to do a capability-disciplined Scheme 48 if anyone cared to. E.g. pairs are mutable in Scheme 48, for compatibility with the Scheme report, but it is easy to remove set-car! and set-cdr! from the namespace with little change in functionality. (You'd have to rewrite list-sort and some other things that use them internally.) Let's see... you'll have to make GET local to a lexical namespace somehow, and OPEN... and Lisp INTERN has the same problem that Java's does - if you can detect the internedness of a string then confinement is impossible. I guess you already ditched dynamic binding, catch and throw, and the condition system. And there are tons of things that are similar to GET in that they access global state - logical pathnames, readtables, defsetf, properties on keyword symbols, etc. Were you going to make packages be the atomic security domain, so that each had its own GET and so on (in effect a separate address space)? I'm using Common Lisp now so the horrors of the package system and the rest of the language are fresh in my mind. I think your eventual language won't be recognizable as Common Lisp, but it will be much improved. Best of luck Jonathan --=20 "Nothing above represents the position or opinion of the University of Arizona or the Dept. of Mathematics, so there! :-)" |
