security and OTP based apps.
Tue May 6 13:28:23 CEST 2003
On 6 May 2003, Niall Dalton wrote:
>I'm thinking of using Erlang (and OTP libs) to build a
>highly-concurrent distributed application. I'd like to have
>supervisors starting processes on remote nodes, hot-code
>swapping and so on. All this seems much easier and more
>practical in Erlang than other languages.
>My only real question before starting on a prototype is on
>security. The application would be accessible from the
>Internet. I have read a bit about setting the cookies, but
>also that "the user must be allowed to rsh to the remote
>hosts without being prompted for a password" (using
>whatever mechanisms rsh uses for this).
Bengt has answered this. I propose that you make sure that
the shell given to the user is restricted. I would also
avoid giving the users access to the erlang shell.
Unfortunately, we still do not have an erlang shell with
Regarding distributed erlang, there are a couple of things
you can do to increase security:
- You may use net_kernel:allow/1 to restrict which nodes are
allowed to connect to your system using distributed erlang
- By starting erlang with the boot flag
'erl -kernel dist_auto_connect never', you can further
restrict applications from connecting from your node
to others (one can still do it explicitly, using
- Do not use distributed erlang for your user interface.
Rather, use some socket RPC, CORBA, UBF, or similar.
This allows you to restrict what functions can be
called from the outside (e.g. not allowing things like
os:cmd("rm -rf /") or erlang:halt().)
Ulf Wiger, Senior Specialist,
/ / / Architecture & Design of Carrier-Class Software
/ / / Strategic Product & System Management
/ / / Ericsson AB, Connectivity and Control Nodes
More information about the erlang-questions