[erlang-questions] A safe Erlang for third party users
Tony Arcieri
tony.arcieri@REDACTED
Wed May 26 05:12:00 CEST 2010
On Tue, May 25, 2010 at 9:06 PM, Jeff <jeffm@REDACTED> wrote:
> Is there a way to create a safe subset of Erlang which you could give an
> unknown person access to which is run on your own system? My thinking is
> something along the lines of: you have a web site which has aspects which
> are best controlled by a language, eg complex security for who can see what,
> etc. So rather than provide a list of check boxes, slider, and what not; You
> provide a file upload form and the user can upload a file. This is then
> compiled, and filtered for allowed and side effect free calls, etc before
> being allowed to execute on the web server's erlang vm. The filtering, I
> would image, would either be on the source code, on some partial compile of
> the file and/or on the compiled beam and would only permit expressly allowed
> function calls and parameters.
>
> Hope that makes sense. This is only a thought experiment and I don't have
> any plans to try such a thing, but thought it was an interesting idea.
Sounds like you want a capability model for Erlang?
http://en.wikipedia.org/wiki/Object-capability_model
--
Tony Arcieri
Medioh! A Kudelski Brand
More information about the erlang-questions
mailing list