[erlang-questions] Securely running code on an untrusted client
Ulf Wiger (TN/EAB)
ulf.wiger@REDACTED
Mon Jan 7 08:01:35 CET 2008
Travis Jensen skrev:
> I've been looking around online and haven't seen anything to contradict
> what I assume to be the case, but I'm unfamiliar enough with Erlang that
> I figure I should ask.
>
> Assuming I have a server on one system and a client on another system
> that exists out somewhere else in the broad, scary internet. The server
> is trusted, the client is not. The network connection between the two
> is not trusted.
>
> Is there any way to run trusted code on the client?
As far as I know, the closest you will get right now with
Erlang is ErlHive.
http://erlhive.sourceforge.net/
ErlHive is sort of presented as a web application development
framework, but is really mainly a multi-user back-end with
safe code execution. It happens to have a front-end application
which hooks into Yaws, and enables user authentication via
HTTP.
ErlHive is able to compile modules from source, or interpret
erlang expressions. It forbids operations that are not known
to be safe, but also offers safe alternatives to many
operations that normally wouldn't be: a virtual file system,
process spawning, send & receive, ets tables, etc. All code
runs inside mnesia transactions.
BR,
Ulf W
More information about the erlang-questions
mailing list