[erlang-questions] A less trusting Erlang.

Kenneth Lundin kenneth.lundin@REDACTED
Tue Oct 13 08:45:18 CEST 2009


There has been plenty of thinking and prototyping in the area of
"SAFE" Erlang and the solution is far from trivial. There are many
aspects to consider.

Have a look at the following Master's theses:

Safe Erlang.
Gustaf Naeser.
UU/CSD, 1997.
http://www.erlang.se/publications/xjobb/0109-naeser.pdf

Enhancing Security in Distributed Erlang by Integrating Access Control.
Rickard Green.
KTH, 2000.
http://www.erlang.se/publications/xjobb/d95-rgr.thesis.2s.pdf

Secure Distributed Communication in SafeErlang.
Bertil Karlsson.
KTH, 2000.
http://www.erlang.se/publications/xjobb/Secure_Dist_Comm_in_SafeErlang.pdf


We have not been able to prioritize work towards "SAFER" built-in
distribution mechanisms, since the current implementation supports
local trusted networks well enough and that was the intended use from
the beginning. This kind of distribution is still the dominating one.

It might, however, be the right time to do something in this area now.


/Kenneth Erlang/OTP Ericsson

On Tue, Oct 13, 2009 at 8:01 AM, Ulf Wiger
<ulf.wiger@REDACTED> wrote:
> Jacob Torrey wrote:
>>
>> Could perhaps the pid generation in the VM be made more random,
>> therefore you can only gain access to pids that you know the name to?
>> This seems like an obvious (and pretty trivial) solution to obscure and
>> increase the security of the Erlang system.
>
> You don't even need to bother with the pids:
>
> {rex,Node} ! {'$gen_cast',{cast,M,F,A,user}}
>
> ...will allow you to execute any function on Node.
>
> BR,
> Ulf W
> --
> Ulf Wiger
> CTO, Erlang Training & Consulting Ltd
> http://www.erlang-consulting.com
>

