Brain Dump #1

Shawn Pearce spearce@REDACTED
Thu Feb 6 18:55:38 CET 2003


I've been pondering that for a few days now.  If Erlang had a safe
mode, where processes can be boxed in, it might be possible to do
some more interesting programming.  But then again, maybe not.
I have never used the safe Perl or safe Tcl functions to run boxed
code, nor have I ever used boxed Java (except safe for a handful of
applets back in '97/'98).  That may very well be a feature not worth
implementing.  :)

One problem is definately the limit on the number of nodes.  200
nodes doesn't go very far on the public internet.

I think time would be better spent ensuring that binary_to_term/1
doesn't do strange stuff when it gets an unexpected binary (stack
smashing attacks, etc.).

Mickael Remond <mickael.remond@REDACTED> wrote:
> * Vlad Dumitrescu (EAW) <Vlad.Dumitrescu@REDACTED> [2003-02-06 17:45:16 +0100]:
> 
> > What if someone evil outside this list finds out about this, downloads
> > Erlang, enters the system and begins to "have fun" by running os:cmd("rm -rf
> > *")? ;-)
> 
> Would modifying the net_kernel to execute only allowed modules and prevent
> message passing to some process do the trick ?
> Would it be enough to have a simple secure Erlang ?

-- 
Shawn.




More information about the erlang-questions mailing list