[erlang-questions] Remote "access" points

Ulf Wiger ulf.wiger@REDACTED
Wed Nov 18 19:33:13 CET 2009


Calum wrote:
> 
> But I spy the module name in there - erlang.
> If I could filter the {call,erlang,halt,[],self()} part ( use the
> guard =:= 'public', for instance), then that would fail too?

The problem is that you open up a huge security hole if you
allow messages to be sent by default to any process and then
try to filter out only those that you know could be dangerous.

I think the only sensible default if you want to make it safe,
is to deny everything you don't know to be safe.

BR,
Ulf W
-- 
Ulf Wiger
CTO, Erlang Training & Consulting Ltd
http://www.erlang-consulting.com


More information about the erlang-questions mailing list