[erlang-questions] Process state and sensitive information

Mark Nijhof mark.nijhof@REDACTED
Tue Sep 2 00:12:44 CEST 2014


Just from reading the docs (so no experience) of sys:get_status/1 it looks
like you could implement Module:format_status/2 and not return the
internal state, then you could use internal state to store it.

http://www.erlang.org/doc/man/gen_server.html#Module:format_status-2

-Mark



On Mon, Sep 1, 2014 at 11:10 PM, Chris de Villiers <
chrisdevilliers@REDACTED> wrote:

> Hello
>
> I want to make requests to a web service which authenticates users
> with a key and secret.  I will be implementing their API with a
> gen_server and need to place the access credentials somewhere "safe".
> By safe I mean it should be out of plain sight and not accessible to a
> user that can attach to the VM.  I also do not want them to show up in
> stack traces or kernel/SASL logs should the gen_server die
> unexpectedly.
>
> The application's environment is obviously ruled out.  Storing them in
> the gen_server's state is also no good because sys:get_status/1 gives
> them away.
>
> I thought about placing them in an ETS table private to the gen_server
> process.  Is it possible for another process to read private ETS
> tables somehow?
>
> Any other suggestions how I can handle this situation?  I do not want
> to start a discussion about OS level security.  Let's assume someone
> gets access to the user account under which the VM runs and can attach
> to it.
>
> Regards,
> chris



-- 
Mark Nijhof
t:   @MarkNijhof <https://twitter.com/MarkNijhof>
s:  marknijhof
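
An added example (not code from either poster) of the format_status/2 approach suggested above: a gen_server that keeps a key and secret in its state and hands a redacted copy to sys:get_status/1 and to the termination log. The module name, record fields and URL are assumptions made for the example.

```erlang
-module(api_client).
-behaviour(gen_server).

-export([start_link/2]).
-export([init/1, handle_call/3, handle_cast/2, handle_info/2,
         format_status/2]).

%% Hypothetical state record; field names are assumptions for this example.
-record(state, {key, secret, base_url}).

start_link(Key, Secret) ->
    gen_server:start_link(?MODULE, {Key, Secret}, []).

init({Key, Secret}) ->
    {ok, #state{key = Key,
                secret = Secret,
                base_url = "https://api.example.invalid"}}.

handle_call(base_url, _From, State) ->
    {reply, State#state.base_url, State};
handle_call(_Other, _From, State) ->
    {reply, {error, unsupported}, State}.

handle_cast(_Msg, State) ->
    {noreply, State}.

handle_info(_Info, State) ->
    {noreply, State}.

%% gen_server calls this in two situations:
%%   normal    - sys:get_status/1 is building its report
%%   terminate - the server is terminating abnormally and its state is logged
%% Both clauses return a copy of the state with the credentials replaced.
%% (OTP 25 and later also offer format_status/1, which covers the same cases.)
format_status(normal, [_PDict, State]) ->
    [{data, [{"State", redact(State)}]}];
format_status(terminate, [_PDict, State]) ->
    redact(State).

%% Keep non-sensitive fields so the status output stays useful for debugging.
redact(#state{} = State) ->
    State#state{key = redacted, secret = redacted}.
```

format_status/2 only changes what sys:get_status/1 and the termination log print; sys:get_state/1, called by someone attached to the node, still returns the unredacted state.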