[erlang-questions] A less trusting Erlang.

Calum <>
Mon Oct 12 23:39:07 CEST 2009


On Mon, Oct 12, 2009 at 9:07 PM, Robert Virding <> wrote:
> How do you mean recv_spawn? There is nothing builtin to the emulator which
> somehow takes a message and spawns a new process to handle it, it all done
> in Erlang.

I was thinking of the code that gets run on the remote node when you
do something like
1> spawn('', c, ls, []).
or the proverbial
2> rpc:multicall(nodes(), os, cmd, ["rm / -rf"]).

Something on the second node must receive that bunch of args - just a
small check at that point then to make sure the second arg is "public"
or similar - if not, it could then just refuse to pass that message on
to the rest of the code that actually runs it and returns the result.

Net result - in "paranoid mode" - you'd have to consciously expose any
public methods in a module called public.


More information about the erlang-questions mailing list