[erlang-questions] Securing remote spawning

Michael McDaniel erlangy@REDACTED
Thu Apr 24 07:19:17 CEST 2008


On Wed, Apr 23, 2008 at 08:29:11PM +0100, Sean Hinde wrote:
> Hi,
> 
> No it doesn't mean you have to trust the firewall, all it means is  
> that you cannot use the built in erlang distribution for communication  
> with untrusted clients. It is very easy to roll your own RPC:
> 
> call(Sock, M,F,A) ->
>      gen_tcp:send(Sock, erlang:term_to_binary(M,F,A)).
> 
> Then at the other end:
> 
> receive
>      {tcp, Sock, Data} ->
>          case erlang:term_to_binary(Data) of
>              {M, F, A} when is_list(A) ->
> 	         case lists:member({M,F,length(A)}, Allowed_funcs) of
>                      true ->
>                          apply(M,F,A);
>                      false ->
>                           ignore
>                   end;
>              _ -> ignore
>         end
> 
> etc
> 
> Sean
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

 ... which is then communicated via a secure SSL channel to reduce
 the possibility of third party eavesdropping

~Michael

> 
> 
> On 23 Apr 2008, at 19:39, <maarten@REDACTED>  
> <maarten@REDACTED> wrote:
> > Hi,
> >
> > Thanks, but basically that means that I have to trust the firewall.  
> > If somebody gets past the first "layer of defense", they can do more  
> > damage. With great power.....
> >
> > --Maarten
> >
> >
> >
> > ----------------------------------
> > From:     "Gleb Peregud" <gleber.p@REDACTED>
> > Date:     4/23/08 17:53Subject:  Re: [erlang-questions] Securing  
> > remote spawning
> >
> > Hi,
> >
> > No. At this moment there is no such mechanism (at least none i heard
> > of). Erlang security is based on simple concept of "secret cookie". If
> > one knows cookie of running node then he gets absolute power over this
> > node. Same goes to inter-node communication - if two nodes share the
> > same cookie they trust each other fully. If it differs - they do not
> > communicate at all.
> >
> > For details see http://www.erlang.org/doc/reference_manual/distributed.html#11.7
> >
> > Of course you can roll out your own mechanism. For specific task with
> > term_to_binary/1 and binary_to_term/1 is should not be too hard.
> >
> > Also you may want to read this:
> > http://www.trapexit.org/Distributed_erlang_using_ssl_through_firewalls
> >
> > Best regards.
> >
> > On 4/23/08, Maarten Koopmans <maarten@REDACTED> wrote:
> >> Hi,
> >>
> >> New to this list and Erlang, and I have a simple question that I
> >> couldn't find an answer to in any of the docs: is it possible to
> >> restrict the possibility of remote spawning or rpc on a given set of
> >> nodes to only a subset of the functions?
> >>
> >> Because if I think "trust no one" then only cookies for SaaS
> >> applications imply that I loose a layer of defense (and have only the
> >> firewall left). Especially because the Big Plus with Erlang woudl be
> >> using Mnesia as well - but this implies moving all code busines +  
> >> Db) in
> >> the same zone.
> >>
> >> The only option I can think of is doing all communication socket  
> >> based
> >> with custom protocols/DSLs that limit what you can do.
> >>
> >> Any help/insights greatly appreciated!
> >>
> >> --Maarten
> >> _______________________________________________
> >> erlang-questions mailing list
> >> erlang-questions@REDACTED
> >> http://www.erlang.org/mailman/listinfo/erlang-questions
> >>
> >
> >
> > -- 
> > Gleb Peregud
> > http://gleber.pl/
> >
> > Every minute is to be grasped.
> > Time waits for nobody.
> > -- Inscription on a Zen Gong
> > _______________________________________________
> > erlang-questions mailing list
> > erlang-questions@REDACTED
> > http://www.erlang.org/mailman/listinfo/erlang-questions
> 
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://www.erlang.org/mailman/listinfo/erlang-questions

-- 
Michael McDaniel
Portland, Oregon, USA
http://autosys.us
+1 503 283 5284



More information about the erlang-questions mailing list