[eeps] Supporting a port number in spawn/4
José Valim
jose.valim@REDACTED
Mon Oct 21 21:38:17 CEST 2019
Hi Amit K, welcome!
I may be speaking out of turn, but I *think* the erlang-questions mailing
list is the more appropriate place. This mailing list is about Erlang
Enhancement Proposal and writing one requires a more complete overview and
understanding of a change and its impact on the language, runtime and
ecosystem. You can learn more about them here:
https://www.erlang.org/erlang-enhancement-proposals/home
Furthermore, erlang-questions has more users, so it is the best place if
you want to get feedback on ideas. Then based on this feedback and if a
complex change is necessary, you could submit an EEP.
I hope this clarifies a bit!
*José Valim*
www.plataformatec.com.br
Founder and Director of R&D
On Mon, Oct 21, 2019 at 8:00 PM Amit K <klg.amit@REDACTED> wrote:
> Hi all,
>
> (originally posted this to erlang-questions, I realize now that this is
> the more fitting list for that).
>
> I am very new to Erlang, am considering to use it in a project and I have
> some security concerns.
> I can see it's quite easy to configure TLS for the node-to-node
> communication, but making the name-to-port resolution service (epmd) secure
> seem a bit too complex to me, such as the one suggested here:
> https://www.erlang-solutions.com/blog/erlang-and-elixir-distribution-without-epmd.html
>
> So I was thinking, seeing that there are already options to:
> 1. Start a distributed node without epmd (-start_epmd false)
> 2. Limit a node's port numbers to a specific range (via inet_dist_listen_min
> & inet_dist_listen_max).
>
> Wouldn't it be nice if we could also specify a predefined port to spawn/4,
> to complete that picture? That is allow spawn to look like:
> spawn("Name@REDACTED:Port", Mod, Func, ArgList).
> Then when spawn sees that a port was provided, it can completely skip the
> "epmd resolution" part and proceed with connecting to the target node via
> the provided port.
> Note: I realize that the "Name" becomes slightly redundant when the Port
> is explicit. However this can still be useful - it would be good if the
> implementation will actually also verify that the port belongs to the
> provided name at the receiving side, so that a node will not accidentally
> process a message that wasn't meant for it.
>
> Again, I'm a complete newbie to Erlang in general, so I may be missing
> something essential here :) But I would love to know what that is, if
> that's the case, or hear your thoughts in general otherwise :)
>
> Thanks!
> _______________________________________________
> eeps mailing list
> eeps@REDACTED
> http://erlang.org/mailman/listinfo/eeps
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/eeps/attachments/20191021/b4c363e6/attachment.htm>
More information about the eeps
mailing list