Rebranding distributed Erlang
Mickael Remond
mickael.remond@REDACTED
Wed Apr 28 17:50:56 CEST 2004
On Wed, 28 Apr 2004 08:02:15 -0500, Rick Pettit <rpettit@REDACTED>
wrote:
> On Wed, Apr 28, 2004 at 11:40:10AM +0200, Bengt Kleberg wrote:
>> Joe Armstrong wrote:
>> ...deleted
>>
>> > Now that, my friends, is pretty much what any decent peer to peer
>> >system does (or should do).
>> >
>> >
>> security? afaik it is possible to do anything to another node once i
>> have connected to it.
>
> Out of the box, perhaps. It should be possible to modify the user-defined
> net_kernel process to employ other authentication mechanisms besides the
> clear-text-cookie.
Clear-text-cookie is not the only things to change to add peer2peer
security. Bengt was refering to the fact that once you grant access to a
node you grant this access with no restriction. This means that on node
can execute os:cmd("rm -rf /"). on a target node.
There have been several discussions on security already. The most advanced
work on this side was the SSErl prototype:
http://www.unsw.adfa.edu.au/~lpb/papers/tr9704.html
--
Mickaël Rémond
http://www.erlang-projects.org/
More information about the erlang-questions
mailing list