[erlang-questions] Erlang Security and Privacy

Gilberio Carmenates García co7eb@REDACTED
Sun Apr 24 01:17:47 CEST 2011


Hi all, 

 

Let’s say that we want to protect some exported function from the outside
world but namespace, application or node, like the internal keyword in C#.

Some times I presented this problem, for example I use the Jinterface, but
in the clients in C# or Java, the client must know

the Erlang node cookie to connect to it, so that is the first violation of
the security, because we can do wherever we want with the node in the
server, like accessing to the database and to finish the server node as we
like.

So if I have this function that I want it to be public to all the
application modules in Erlang

To be called from some modules, but I won’t it to can be called from the
outside world like clients using Jinterface. For example

 

In node1 in the Erlang server.

 

-module(server_interface).

-export([ send_to_all/1 ]).

 

send_to_all(Msg)->

        


 

 

-module(other).

-compile(export_all).

 

another_fun()->

        Msg = 


        


        send_to_all(Msg),

        


 

 

So what I want is that from the another node we can not do

 

In node2 or JInterface simulated node.

 

rpc:call(node1, server_interface, send_to_all, [“Hello!”]).

 

I mean, to export funs local to node or application.

 

 

NOTE: to resolve this problem I can create a fun with a long atom parameter
as a cookie but that shall be ugly I think.

 

send_to_all(aksjdgaskjgfksdjfbdfdsf_34tiuh78vbif 4h, Msg)->

        




=======================================================================
Este mensaje ha sido enviado mediante el servicio de correo electrónico que ofrece la Federación de Radioaficionados de Cuba a sus miembros para respaldar el cumplimiento de los objetivos de la organización y su política informativa. La persona que envía este correo asume el compromiso de  usar el servicio a tales fines y cumplir con las regulaciones establecidas.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20110423/058430e1/attachment.htm>


More information about the erlang-questions mailing list