[erlang-questions] Stand alone erlang deployment

Bernard Duggan <>
Thu Nov 12 22:02:05 CET 2009


Jose Castro wrote:
> The issue now is security, with reltool everything works fine, but even on a simple hello world, the reltool deployment allows me to run from the erlang shell something like: os:cmd("whatever!!").
>
> Is there a way to inhibit this behaviour?
    Take a look at the thread last month entitled "A less trusting
Erlang" where this is discussed in great detail.  The very short answer,
however, is "no, not if you want to use the native Erlang communication
system".  You can limit who can connect using cookies, but once
someone's connected you cannot limit what they can do.  If you need it
more secure than that, you'll want to use a system other than the native
Erlang one.

Cheers,

Bernard


More information about the erlang-questions mailing list