[erlang-questions] Ports and their owners

Robert Virding <>
Wed Feb 17 16:53:20 CET 2010


On 17 February 2010 16:47, Musumeci, Antonio S
<> wrote:
> Yeah... Unfortunately for what I'm doing we'd like security within the node due to running arbitrary modules, cnodes and ports. I've already began work on providing a filtering mechanism for RPC and net_kernel:spawn by moving spawn into rex and adding an optional filter callback which all calls go through. This would at least allow sandboxing the spawning of arbitrary processes to some extent. I'll be posting that to erlang-patches sometime this week. After that I'll take a shot at adding the open_port option I mentioned.
>

Another soultion would be to NOT use the standard erlang distribution
but do it all yourself over tcp. This way you could get full control
of what is run within a node and limit what a node is allowed to do. A
bit more work maybe and not as transparent but more control.

Robert


More information about the erlang-questions mailing list