[erlang-patches] What's cooking in erlang/otp (2010-03-22)

Musumeci, Antonio S Antonio.Musumeci@REDACTED
Mon Mar 22 21:07:01 CET 2010


 
> "Almost secure" is not any better than "definitely not secure". You > still cannot allow untrusted nodes to connect. (To reach the level > of complete security is very hard for a protocol that was not
> designed for that in the beginning.) 

If this is true why support cookies at all? Why complicate the code with basic authentication when if you don't want two nodes possibly connecting to one another an individual just shouldn't start them in networking mode. Why have the allowed list? Or protections for ETS tables? Or keep around the "connected" process port info.

--------------------------------------------------------------------------
NOTICE: If received in error, please destroy, and notify sender. Sender does not intend to waive confidentiality or privilege. Use of this email is prohibited when received in error. We may monitor and store emails to the extent permitted by applicable law.

--------------------------------------------------------------------------
NOTICE: If received in error, please destroy, and notify sender. Sender does not intend to waive confidentiality or privilege. Use of this email is prohibited when received in error. We may monitor and store emails to the extent permitted by applicable law.


More information about the erlang-patches mailing list