[erlang-questions] re crappy security (RE: Erlang presentation slides)
Ulf Wiger (TN/EAB)
ulf.wiger@REDACTED
Thu Jun 7 09:44:37 CEST 2007
Just one comment,
It is often highlighted that Erlang's cookie-based
security model is not suitable for open networks
(this is true), but it's not often mentioned how
easy it is to roll your own rpc on top of just about
any transport protocol.
I once made a system of distributed web servers,
where the servers made erlang RPCs via HTTP. It
was incredibly easy - just give a MIME type
identifying the payload as an erlang term
(serialized using term_to_binary()), and as soon
as you're convinced that the sender is trustworthy,
you do something like
{M, F, As} = binary_to_term(Bin),
Res = apply(M, F, As),
reply(Res,...) % pack and send reply.
There are a few reasons why this is particularly
easy in Erlang:
- RPC can be comfortably encapsulated inside
a function call, due to selective receive
- The automatic serialization does away with
interface stubs.
You can build quite advanced distributed systems
quite easily without Distributed Erlang. The thing
you can't do this way is to have a Mnesia database
cluster securely distributed across an open network.
OTOH, not many other environments can offer
anything like that either.
Also, with a little help from your operator, you
can set up a private VLAN across the globe, e.g.
using IPsec tunnels. This would be transparent to
the Erlang application, and would be as secure as
you could wish for. I think this will become more
and more commonplace.
BR,
Ulf W
> -----Original Message-----
> From: erlang-questions-bounces@REDACTED
> [mailto:erlang-questions-bounces@REDACTED] On Behalf Of
> Toby DiPasquale
> Sent: den 7 juni 2007 06:20
> To: erlang-questions@REDACTED
> Subject: [erlang-questions] Erlang presentation slides
>
> Hi all,
>
> I just finished giving my intro Erlang talk to the Philly
> Linux User Group meeting. It went pretty well, I thought.
> Someone had earlier requested that I posted the slides in
> this forum, so here they are:
>
> http://cbcg.net/talks/erlang.pdf
>
> The material covered is the basics of Erlang and a heavy debt
> is owed to Joe Armstrong's new Erlang book for some of the
> code samples.
>
> --
> Toby DiPasquale
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://www.erlang.org/mailman/listinfo/erlang-questions
>
More information about the erlang-questions
mailing list