5 INSTALL for details on running Lineal... not really installing it.
6 HACKING for info on contributing to the project.
7 COPYING for license information.
8 doc/index.html for html documentation.
10 You can reach me, Alex Klinkhamer,
11 through my email: grencez@gmail.com
14 Since Lineal calls eval directly on text the client sends,
15 someone could take over the running lisp, make external system
16 calls, etc. The new save/restore feature calls unchecked evals
17 so an exploit is quite simple.
18 (defun do-bad-things () (unspeakable-evil))
20 Any vulnerabilities in your Hunchentoot setup also apply,
21 not that I know of any.
23 You should sandbox your lisp if there's any risk factors
24 e.g. if you're not behind a firewall and plan on running Lineal
27 YOU CAN ALSO DISABLE the save/restore feature in "run.lisp",
28 just uncomment the line where 'no-save-restore is set by
29 changing the plus to a minus.
31 In the future, I plan to add checksum support to reject any
32 changed restore files.