[erlang-questions] Ports and their owners

Musumeci, Antonio S <>
Wed Feb 17 17:07:28 CET 2010


Sure. But we'd like to take advantage of as much of the built in functionality as possible. The less native features we use the more overhead and fewer reasons we have of using erlang. These changes are fairly simple, generic and don't change default behavior and so we hope could be accepted into the main tree.

-----Original Message-----
From: Robert Virding [mailto:] 
Sent: Wednesday, February 17, 2010 10:53 AM
To: Musumeci, Antonio S (IT)
Cc: 
Subject: Re: [erlang-questions] Ports and their owners

On 17 February 2010 16:47, Musumeci, Antonio S <> wrote:
> Yeah... Unfortunately for what I'm doing we'd like security within the node due to running arbitrary modules, cnodes and ports. I've already began work on providing a filtering mechanism for RPC and net_kernel:spawn by moving spawn into rex and adding an optional filter callback which all calls go through. This would at least allow sandboxing the spawning of arbitrary processes to some extent. I'll be posting that to erlang-patches sometime this week. After that I'll take a shot at adding the open_port option I mentioned.
>

Another soultion would be to NOT use the standard erlang distribution but do it all yourself over tcp. This way you could get full control of what is run within a node and limit what a node is allowed to do. A bit more work maybe and not as transparent but more control.

Robert

--------------------------------------------------------------------------
NOTICE: If received in error, please destroy, and notify sender. Sender does not intend to waive confidentiality or privilege. Use of this email is prohibited when received in error. We may monitor and store emails to the extent permitted by applicable law.


More information about the erlang-questions mailing list