[erlang-questions] Securing remote spawning
Michael McDaniel
erlangy@REDACTED
Thu Apr 24 07:19:17 CEST 2008
On Wed, Apr 23, 2008 at 08:29:11PM +0100, Sean Hinde wrote:
> Hi,
>
> No it doesn't mean you have to trust the firewall, all it means is
> that you cannot use the built in erlang distribution for communication
> with untrusted clients. It is very easy to roll your own RPC:
>
> call(Sock, M,F,A) ->
> gen_tcp:send(Sock, erlang:term_to_binary(M,F,A)).
>
> Then at the other end:
>
> receive
> {tcp, Sock, Data} ->
> case erlang:term_to_binary(Data) of
> {M, F, A} when is_list(A) ->
> case lists:member({M,F,length(A)}, Allowed_funcs) of
> true ->
> apply(M,F,A);
> false ->
> ignore
> end;
> _ -> ignore
> end
>
> etc
>
> Sean
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
... which is then communicated via a secure SSL channel to reduce
the possibility of third party eavesdropping
~Michael
>
>
> On 23 Apr 2008, at 19:39, <maarten@REDACTED>
> <maarten@REDACTED> wrote:
> > Hi,
> >
> > Thanks, but basically that means that I have to trust the firewall.
> > If somebody gets past the first "layer of defense", they can do more
> > damage. With great power.....
> >
> > --Maarten
> >
> >
> >
> > ----------------------------------
> > From: "Gleb Peregud" <gleber.p@REDACTED>
> > Date: 4/23/08 17:53Subject: Re: [erlang-questions] Securing
> > remote spawning
> >
> > Hi,
> >
> > No. At this moment there is no such mechanism (at least none i heard
> > of). Erlang security is based on simple concept of "secret cookie". If
> > one knows cookie of running node then he gets absolute power over this
> > node. Same goes to inter-node communication - if two nodes share the
> > same cookie they trust each other fully. If it differs - they do not
> > communicate at all.
> >
> > For details see http://www.erlang.org/doc/reference_manual/distributed.html#11.7
> >
> > Of course you can roll out your own mechanism. For specific task with
> > term_to_binary/1 and binary_to_term/1 is should not be too hard.
> >
> > Also you may want to read this:
> > http://www.trapexit.org/Distributed_erlang_using_ssl_through_firewalls
> >
> > Best regards.
> >
> > On 4/23/08, Maarten Koopmans <maarten@REDACTED> wrote:
> >> Hi,
> >>
> >> New to this list and Erlang, and I have a simple question that I
> >> couldn't find an answer to in any of the docs: is it possible to
> >> restrict the possibility of remote spawning or rpc on a given set of
> >> nodes to only a subset of the functions?
> >>
> >> Because if I think "trust no one" then only cookies for SaaS
> >> applications imply that I loose a layer of defense (and have only the
> >> firewall left). Especially because the Big Plus with Erlang woudl be
> >> using Mnesia as well - but this implies moving all code busines +
> >> Db) in
> >> the same zone.
> >>
> >> The only option I can think of is doing all communication socket
> >> based
> >> with custom protocols/DSLs that limit what you can do.
> >>
> >> Any help/insights greatly appreciated!
> >>
> >> --Maarten
> >> _______________________________________________
> >> erlang-questions mailing list
> >> erlang-questions@REDACTED
> >> http://www.erlang.org/mailman/listinfo/erlang-questions
> >>
> >
> >
> > --
> > Gleb Peregud
> > http://gleber.pl/
> >
> > Every minute is to be grasped.
> > Time waits for nobody.
> > -- Inscription on a Zen Gong
> > _______________________________________________
> > erlang-questions mailing list
> > erlang-questions@REDACTED
> > http://www.erlang.org/mailman/listinfo/erlang-questions
>
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://www.erlang.org/mailman/listinfo/erlang-questions
--
Michael McDaniel
Portland, Oregon, USA
http://autosys.us
+1 503 283 5284
More information about the erlang-questions
mailing list