[erlang-questions] Preventing calling some functions
Jayson Vantuyl
kagato@REDACTED
Sun Dec 13 14:40:52 CET 2009
> Hi,
>
> I don't see why I should have more trust and confidence in the creator of the server application itself then in the creator of a plugin.
> If I want to restrict a plugin from doing something particular on my machines, I would restrict the server itself in the first place.
I don't particularly buy this. I think that there are plenty of reasons to lock-down a plug-in that have nothing to do with trusting the author or not. If security is at all a concern, it's perfectly reasonable to attempt to achieve a high-level of compartmentalization between components. The principle of least privilege is a good one, even within an application. The plug-in author doesn't have to be malicious for her code to be abused.
> Your second point sounds like "defensive programming". See: http://www.erlang.se/doc/programming_rules.shtml#HDR11
I heartily agree on this point.
--
Jayson Vantuyl
kagato@REDACTED
More information about the erlang-questions
mailing list