[erlang-questions] How to do counters?
Illo de' Illis
illo@REDACTED
Tue Jun 30 21:04:53 CEST 2009
On Jun 30, 2009, at 12:47 PM, Joe Armstrong wrote:
> On Tue, Jun 30, 2009 at 3:35 AM, Jarrod Roberson<jarrod@REDACTED
> > wrote:
>> Is the reason not to register processes performance related or is
>> it a "best
>> practices" thing?
>> [...]
> It's because of namespace pollution and security.
>
> If a Pid is secret then nobody can do exit(Pid, kill) on it - if you
> register the Pid
> and say register(foo, Pid) then *anybody* can do exit(whereis(foo),
> kill).
>
> When you register a process it becomes easy to find - but it's
> insecure *anybody* can mess with
> it if they know the name.
Hello!
Isn't it really a matter of knowing the name of the node where the
remote target is running and sharing the same cookie? That granted, a
malicious application could execute something like a [{X, whereis(X)}
|| X <- registered()] on the remote node and, computing the probable
pids of an unregistered application by using what is known of the
registered remote processes of the standard applications (kernel,
stdlib, sasl, mnesia, os_mon, etc), forge the remote pid object by
using pid_to_list() -- given the likely scenario of the target
application being the only one running on that node.
This should be definitely exploitable thanks to the availability of
list_to_pid() and pid_to_list() functions and the fact that pids are
sequential. Am I right?
Ciao,
Illo.
More information about the erlang-questions
mailing list