[erlang-questions] Securing remote spawning

Sean Hinde <>
Wed Apr 23 21:29:11 CEST 2008


Hi,

No it doesn't mean you have to trust the firewall, all it means is  
that you cannot use the built in erlang distribution for communication  
with untrusted clients. It is very easy to roll your own RPC:

call(Sock, M,F,A) ->
     gen_tcp:send(Sock, erlang:term_to_binary(M,F,A)).

Then at the other end:

receive
     {tcp, Sock, Data} ->
         case erlang:term_to_binary(Data) of
             {M, F, A} when is_list(A) ->
	         case lists:member({M,F,length(A)}, Allowed_funcs) of
                     true ->
                         apply(M,F,A);
                     false ->
                          ignore
                  end;
             _ -> ignore
        end

etc

Sean


On 23 Apr 2008, at 19:39, <>  
<> wrote:
> Hi,
>
> Thanks, but basically that means that I have to trust the firewall.  
> If somebody gets past the first "layer of defense", they can do more  
> damage. With great power.....
>
> --Maarten
>
>
>
> ----------------------------------
> From:     "Gleb Peregud" <>
> Date:     4/23/08 17:53Subject:  Re: [erlang-questions] Securing  
> remote spawning
>
> Hi,
>
> No. At this moment there is no such mechanism (at least none i heard
> of). Erlang security is based on simple concept of "secret cookie". If
> one knows cookie of running node then he gets absolute power over this
> node. Same goes to inter-node communication - if two nodes share the
> same cookie they trust each other fully. If it differs - they do not
> communicate at all.
>
> For details see http://www.erlang.org/doc/reference_manual/distributed.html#11.7
>
> Of course you can roll out your own mechanism. For specific task with
> term_to_binary/1 and binary_to_term/1 is should not be too hard.
>
> Also you may want to read this:
> http://www.trapexit.org/Distributed_erlang_using_ssl_through_firewalls
>
> Best regards.
>
> On 4/23/08, Maarten Koopmans <> wrote:
>> Hi,
>>
>> New to this list and Erlang, and I have a simple question that I
>> couldn't find an answer to in any of the docs: is it possible to
>> restrict the possibility of remote spawning or rpc on a given set of
>> nodes to only a subset of the functions?
>>
>> Because if I think "trust no one" then only cookies for SaaS
>> applications imply that I loose a layer of defense (and have only the
>> firewall left). Especially because the Big Plus with Erlang woudl be
>> using Mnesia as well - but this implies moving all code busines +  
>> Db) in
>> the same zone.
>>
>> The only option I can think of is doing all communication socket  
>> based
>> with custom protocols/DSLs that limit what you can do.
>>
>> Any help/insights greatly appreciated!
>>
>> --Maarten
>> _______________________________________________
>> erlang-questions mailing list
>> 
>> http://www.erlang.org/mailman/listinfo/erlang-questions
>>
>
>
> -- 
> Gleb Peregud
> http://gleber.pl/
>
> Every minute is to be grasped.
> Time waits for nobody.
> -- Inscription on a Zen Gong
> _______________________________________________
> erlang-questions mailing list
> 
> http://www.erlang.org/mailman/listinfo/erlang-questions




More information about the erlang-questions mailing list