[erlang-questions] A less trusting Erlang.
Mon Oct 12 23:39:07 CEST 2009
On Mon, Oct 12, 2009 at 9:07 PM, Robert Virding <> wrote:
> How do you mean recv_spawn? There is nothing builtin to the emulator which
> somehow takes a message and spawns a new process to handle it, it all done
> in Erlang.
I was thinking of the code that gets run on the remote node when you
do something like
1> spawn('', c, ls, ).
or the proverbial
2> rpc:multicall(nodes(), os, cmd, ["rm / -rf"]).
Something on the second node must receive that bunch of args - just a
small check at that point then to make sure the second arg is "public"
or similar - if not, it could then just refuse to pass that message on
to the rest of the code that actually runs it and returns the result.
Net result - in "paranoid mode" - you'd have to consciously expose any
public methods in a module called public.
More information about the erlang-questions