[erlang-questions] rpc:call to a restricted shell

Son Tran-Nguyen <>
Wed Dec 19 01:32:41 CET 2012


Thanks all.

I guess I can't rely on that then.

Sincerely,


Son Tran-Nguyen



On Tue, Dec 18, 2012 at 2:28 PM, Laszlo Lovei <>wrote:

> It's quite important to understand that Erlang is not a scripting language
> where your source code is interpreted and you can use the same interpreter
> as a shell. It's exactly the opposite: the shell is an interpreter (written
> in Erlang and compiled into binary code understood by the Erlang VM) that
> evaluates Erlang expressions entered at the prompt and formatting their
> results. This has a number of consequences regarding performance and
> semantics, expressions evaluated by the shell do not have the same meaning
> as code compiled into modules.
>
> To answer your question too: the rpc server runs independently of the
> shell, and the latter may impose artificial restrictions on what it accepts
> without affecting any other part of the system.
>
>
> L.
>
>
> On Tuesday, December 18, 2012 6:28:13 AM UTC+1, Son Tran-Nguyen wrote:
>>
>> Hello list,
>>
>> In one of my application, I start a restricted shell as a slave node,
>> using a callback module as follow:
>>
>> The callback module, for example, returns {false, State} for
>> gen_event:start/0 function to prevent that to be run. When tested in an
>> actual restricted shell, it is prevented as expected:
>>
>> smba:eggs esente$ erl -pa apps/*/ebin -stdlib restricted_shell
>> shell_callback
>> Erlang R15B02 (erts-5.9.2) [source] [64-bit] [smp:4:4] [async-threads:0]
>> [hipe] [kernel-poll:false] [dtrace]
>>
>> Restricted Eshell V5.9.2  (abort with ^G)
>> 1> gen_event:start().
>> ** exception exit: restricted shell does not allow gen_event:start()
>> 2>
>>
>> However, when used in my app by making a call to the remote restricted
>> shell using rpc:call/4, the call went through:
>>
>> Args = "-stdlib restricted_shell editor_shell",
>> {ok, Node} = slave:start_link(smba, editor, Args),
>> {ok, Entity} = rpc:call(Node, gen_event, start, []),
>>
>> It returns Entity as a pid().
>>
>> I understand that the callback functions cannot be used to allow or
>> disallow execution of functions called from compiled code, but only
>> functions called from expressions entered at the shell prompt.
>>
>> I would like to confirm that rpc:call/4 does not enter the call into the
>> remote shell, but doing some stuffs to run the call directly.
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20121218/d3f8ac45/attachment.html>


More information about the erlang-questions mailing list