[erlang-questions] Remote "access" points

Roberto Aloi roberto.aloi@REDACTED
Thu Nov 19 12:00:49 CET 2009


Hi again,

> The problem is that you open up a huge security hole if you
> allow messages to be sent by default to any process and then
> try to filter out only those that you know could be dangerous.
>
> I think the only sensible default if you want to make it safe,
> is to deny everything you don't know to be safe.
I strongly agree on this. Be conservative. Always.
Erlang allow just all-or-nothing security for the nodes. Is there any
specific reason you can't have a "public" node and a "restricted" one
for your functionalities?

Btw, the following article discuss how to secure Distributed Erlang Systems:
http://dizzyd.com/sdist.pdf

Regards,

Roberto Aloi (@prof3ta on twitter)
Erlang Training and Consulting Ltd.
http://www.erlang-consulting.com



More information about the erlang-questions mailing list