[erlang-questions] Erlang cookies are secure

Lyn Headley lheadley@REDACTED
Thu Jun 9 22:20:31 CEST 2016


I don't understand why so many people are so dismissive of
cookie-based node security. Here's what Fred Hebert wrote, for
example:

"While documents like the official Erlang documentation put cookies
under the topic of security, they're really not security at all. If it
is, it has to be seen as a joke, because there's no way anybody
serious considers the cookie a safe thing. Why? Simply because the
cookie is a little unique value that must be shared between nodes to
allow them to connect together. They're closer to the idea of user
names than passwords and I'm pretty sure nobody would consider having
a username (and nothing else) as a security feature. Cookies make way
more sense as a mechanism used to divide clusters of nodes than as an
authentication mechanism."

In opposition to this extremely widespread sentiment, I believe that:

1) It is feasible to create an unguessable cookie.
2) It is feasible to prevent outsiders from seeing the cookie's value.

Therefore attackers cannot take over my node by compromising my cookie.

Where is the flaw in my reasoning?

Lyn Headley
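The two claims above (an unguessable cookie, and a cookie nobody else can read) map onto two concrete controls: draw the value from the kernel CSPRNG, and store it so that only the node's user can read it. The following script is an added example and not part of the original message; it assumes a 40-character cookie from the base32 alphabet (about 200 bits of entropy) and the conventional `~/.erlang.cookie` location. The permission check reflects the runtime's own rule: Erlang refuses to start distribution when the cookie file is readable by anyone other than its owner.

```shell
#!/bin/sh
# Added example, not from the original post. Generates a high-entropy
# Erlang distribution cookie and stores it owner-readable only.
# COOKIE_LEN and the base32 alphabet are assumptions, not OTP defaults
# (OTP's auto-generated cookie is 20 random uppercase letters).

COOKIE_LEN=40

# Emit COOKIE_LEN random characters from A-Z and 2-7, read from the
# kernel CSPRNG. No trailing newline, matching what Erlang expects.
gen_cookie() {
    LC_ALL=C tr -dc 'A-Z2-7' < /dev/urandom | head -c "$COOKIE_LEN"
}

# Write cookie $2 to file $1 with mode 0400. The umask runs in a
# subshell so the file is never briefly world-readable on creation.
write_cookie() {
    file=$1
    cookie=$2
    ( umask 077; rm -f "$file"; printf '%s' "$cookie" > "$file" )
    chmod 400 "$file"
}

# Return 0 when the cookie file is safe to use, otherwise:
#   1 = missing, 2 = mode is not 0400, 3 = shorter than COOKIE_LEN.
check_cookie() {
    file=$1
    [ -f "$file" ] || return 1
    # GNU stat first, BSD/macOS stat as fallback.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    [ "$mode" = "400" ] || return 2
    len=$(wc -c < "$file" | tr -d ' ')
    [ "$len" -ge "$COOKIE_LEN" ] || return 3
    return 0
}

# Usage: sh cookie.sh install   (writes a fresh ~/.erlang.cookie)
if [ "${1:-}" = "install" ]; then
    write_cookie "${HOME}/.erlang.cookie" "$(gen_cookie)"
    check_cookie "${HOME}/.erlang.cookie" && echo "cookie installed (mode 0400)"
fi
```

These two controls only address the cookie's guessability and its exposure at rest on the node's host; they say nothing about what the distribution protocol itself carries on the network (the handshake is a challenge-response, so the cookie value is not sent in plaintext, but the connection that follows is unencrypted unless TLS distribution is configured).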


