Limit functions available to a process

Brentley Jones the.ajarn@REDACTED
Sat Dec 5 22:42:23 CET 2009

Hi list,

I remember seeing in the list a topic which talked a proposal which would allow different functions being available from a module depending on context. One would be able to give a different name to a module and expose different functions to certain modules. (Maybe someone could find a link to this?)

I only mention this to give context to what I want to be able to do. I know that currently in Erlang every process can call any function that it is exposed to. This includes the auto-imported "global" functions and BIFs, as well as all exported functions of other modules. I want to be able to limit a process, or module, from calling certain functions. For example, if I have the following module, with [1] being just one way to allow this, I want [2] below to produce either an undef or similar runtime error.

%% sandbox.erl

-unimport(os). %[1]
-unimport(erlang, [spawn/1, spawn/2, spawn/3, spawn/4]). % [1]

do_something_naughty() ->
    os:cmd("rm important_file"). % [2]

There have been a couple "safe Erlang" topics started recently, and I know that this won't prevent a process from calling the function through RPC, but it is a start to sandboxing Erlang modules or processes.

Since I know this currently isn't supported, where would I start looking (erl code or C code) to make this change? If I'm only thinking on the module level, is there a table that holds all exposed modules and/or functions?

Thanks for your time,

- Brentley Jones

More information about the erlang-questions mailing list