[erlang-questions] Process state and sensitive information

Steve Strong steve@REDACTED
Tue Sep 2 07:27:48 CEST 2014


If they have access to the user account, then there's nothing you can do to secure the VM; the best you'll manage is to make it harder.

For example, they could attach to the Vm, load a linked in driver, and then dump all memory to disk.

Your safest approach is to assume they can see it, and to make sure that what they see is of little use.  So make sure you don't store plaintext credentials, instead store salted hashes - at least now they can't steal the passwords...

You could also have a second account that runs a second VM - have that VM handle all the security sensitive information and expose a thin API to the first; now the first account is less privileged and less damage can be done.  Of course, that just moves the problem to the second account, but since it is doing less, it should be easier to secure.

Kind of hard to suggest much more with talking about OS hardening; if your OS isn't secured then you really might as well give up ;)

Cheers,

Steve

Sent from my iPhone

> On 1 Sep 2014, at 23:10, Chris de Villiers <chrisdevilliers@REDACTED> wrote:
> 
> Hello
> 
> I want to make requests to a web service which authenticates users
> with a key and secret.  I will be implementing their API with a
> gen_server and need to place the access credentials somewhere "safe".
> By safe I mean It should be out of plain sight and not accessible to a
> user that can attach to the VM.  I also do not want them to show up in
> stack traces or kernel/SASL logs should the gen_server die
> unexpectedly.
> 
> The application's environment is obviously ruled out.  Storing them in
> the gen_server's state is also no good because sys:get_status/1 gives
> them away.
> 
> I thought about placing them in an ETS table private to the gen_server
> process.  Is it possible for another process to read private ETS
> tables somehow?
> 
> Any other suggestions how I can handle this situation?  I do not want
> to start a discussion about OS level security.  Lets assume someone
> gets access to the user account under which the VM runs and can attach
> to it.
> 
> Regards,
> chris
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions



More information about the erlang-questions mailing list