A less trusting Erlang.
Sun Oct 11 23:55:11 CEST 2009
I am an Erlang beginner, although I've been dipping in and out of it
for a while.
I'd like to use Erlang, and the built-in distributed meshing effect of
it to build a sort of IRC-plus distributed storage/messaging system
platform, of which each node would run the Erlang app.
However, I'd like to use avoid using lib_chan if possible, and just
use the native Erlang connectivity/distribution mechanisms.
The big problem then is that Erlang is way too trusting for connecting
to random people in the default
The obvious thing (to me anyway) would be to limit the calls that
remote nodes can make - Erlang Untrusting, if you will, or Paranoid
Would it be possible to patch the core libraries that "accept/receive"
the spawn requests, and check them against a list of "allowed"
For example, if erl was run with the -paranoid parameter, it would
only allow calls which are listed in .erlang.allowed to be made from
remote nodes. Such a file might look like public:*, mystuff:another/1,
Would it require patching and recompiling of the source to Erlang, or
could the "receive" function be "overwritten" from the
Is this approach one that could work? Are there sufficiently few
places that could be restricted to make this solution secure? How much
of a patch would this be, or are there too many places to be able to
secure it with any degree of confidence?
And even if these restrictions were in place, would it provide a
high-enough level of security to prevent ne'er-do-wells doing things
like drain resources, insert code somehow, etc? Or would it be too
hard to prevent people passing in Funs, or doing other unexpected
Hoping some Erlang heavyweights can provide some thoughts onto this
approach, and give some feedback on this idea.
PS. Apologies if this functionality already exists somewhere.
More information about the erlang-questions