[erlang-questions] Restricting the connection between two nodes
Fri Jan 7 06:04:16 CET 2011
In the message <AANLkTik=>
dated Mon, Jan 03, 2011 at 03:33:44PM +0100,
Tomasz Maciejewski <> writes:
> Is there a way to restrict the connection between two nodes, allowing
> executing only specific functions (e.g. only from specific "exported"
> Suppose we have two nodes running one application, respectively:
> private_node (e.g. Mnesia with sensitive data, or a port owner) and
> public_node (e.g. HTTP/FTP daemon). The two nodes are connected
> together and the public_node needs some data from private_node, but
> private_node has some sensitive functions. Now, if someone gains
> control over public_node, he can call any function from private_node
> by simply rpc:call, as well as sending arbitrary messages to processes on
In the case above, once the public_node is taken over, you can't do much
to protect the private node. So don't let the public_node get taken.
> How can I protect against breaking in to Erlang by public internet
> service? Is it even possible to gain access to a remote shell
> (assuming cookie wasn't stolen) by some remote hole in Erlang/Inets/My
By default, the Distributed Erlang RPC packets are not protected at all
(i.e., not encrypted); they are built on plain TCP connections.
What you might need is a secure and private connection between the two
nodes with encryption. The secure connection can be at many different
levels: in application software or at the IP level (IPsec).
About a year ago I tried to build an example of Erlang RPC over the SSH
module. Dave "Dizzyd" Smith, the rebar guru, also once published a
paper on his idea for securely building inter-node RPCs on Erlang.
If you want to see the video of my presentation at Erlang Factory
SF Bay 2010:
And the slides:
> With the solution of "restricting remote function calls only to
> functions from specific module", I could implement public API in
> private_server and be protected against gaining control over
Currently there's no native mechanism to restrict function calls in
Erlang, as far as I've learned. If you really want this level of
protection, Distributed Erlang RPC itself is not suitable.
> I will really appreciate any comments on security in Erlang.
> Tomasz Maciejewski
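
Added example (not part of the original message, and not code from any project it mentions): one way to get the "only specific functions" behaviour asked about is to keep private_node off Distributed Erlang and expose a narrow allow-listed API on its own socket. The module name, the wire format ({call, F, Args} as a 4-byte length-framed external term) and the two sample functions are assumptions made for illustration.

```erlang
%% Added example; private_api, ping/0 and get_public_profile/1 are hypothetical.
-module(private_api).
-export([start/1, call/3, dispatch/1, ping/0, get_public_profile/1]).

%% The only {Function, Arity} pairs of THIS module a peer may invoke.
-define(ALLOWED, [{ping, 0}, {get_public_profile, 1}]).

%% Plain TCP on loopback for brevity. Between hosts, carry this over an
%% encrypted, authenticated channel (SSH, TLS or IPsec), as the message says.
start(Port) ->
    spawn(fun() ->
        {ok, L} = gen_tcp:listen(Port, [binary, {packet, 4}, {active, false},
                                        {reuseaddr, true}, {ip, {127,0,0,1}}]),
        accept_loop(L)
    end).

%% Serves one peer connection at a time, which is enough for a single public_node.
accept_loop(L) ->
    {ok, S} = gen_tcp:accept(L),
    serve(S),
    accept_loop(L).

%% [safe] refuses terms that would create new atoms or external fun references.
%% Any decode or call failure is reported as bad_request, never as a stack trace.
serve(S) ->
    case gen_tcp:recv(S, 0) of
        {ok, Bin} ->
            Reply = try dispatch(binary_to_term(Bin, [safe]))
                    catch _:_ -> {error, bad_request} end,
            _ = gen_tcp:send(S, term_to_binary(Reply)),
            serve(S);
        {error, _} -> gen_tcp:close(S)
    end.

%% The peer never names a module, so it cannot reach rpc, os, mnesia, etc.
dispatch({call, F, Args}) when is_atom(F), length(Args) >= 0 ->
    case lists:member({F, length(Args)}, ?ALLOWED) of
        true  -> {ok, apply(?MODULE, F, Args)};
        false -> {error, forbidden}
    end;
dispatch(_) -> {error, bad_request}.

ping() -> pong.
get_public_profile(Id) when is_integer(Id) -> {profile, Id, <<"constructed">>}.

%% Client side, as public_node would use it.
call(Port, F, Args) ->
    {ok, S} = gen_tcp:connect({127,0,0,1}, Port, [binary, {packet, 4}, {active, false}]),
    ok = gen_tcp:send(S, term_to_binary({call, F, Args})),
    {ok, Bin} = gen_tcp:recv(S, 0, 5000),
    ok = gen_tcp:close(S),
    binary_to_term(Bin, [safe]).
```

After private_api:start(Port) on the private side, private_api:call(Port, ping, []) returns {ok,pong}, while a request for any function not on the list, such as private_api:call(Port, halt, []), returns {error,forbidden}.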