I'm thinking of using Erlang (and OTP libs) to build a
highly-concurrent distributed application. I'd like to have
supervisors starting processes on remote nodes, hot-code
swapping and so on. All this seems much easier and more practical
in Erlang than other languages.
My only real question before starting on a prototype is on security.
The application would be accessible from the Internet. I have read a
bit about setting the cookies, but also that "the user must be allowed
to rsh to the remote hosts without being prompted for a password" (using
whatever mechanisms rsh uses for this).
Not being a security guy, I'm not sure how what the risks in practice
are for this kind of thing. Are there any documents on securing Erlang
based applications that are exposed to the Internet? I'd be grateful
for any pointers on useful related information.
This e-mail is intended for the named addressee only. It may contain confidential and/or privileged information. If you have received this message in error, please let us know and then delete this message from your system. You should not copy the message, use it for any purpose or disclose its contents to anyone.
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
>I'm thinking of using Erlang (and OTP libs) to build a
>highly-concurrent distributed application. I'd like to have
>supervisors starting processes on remote nodes, hot-code
>swapping and so on. All this seems much easier and more
>practical in Erlang than other languages.
>My only real question before starting on a prototype is on
>security. The application would be accessible from the
>Internet. I have read a bit about setting the cookies, but
>also that "the user must be allowed to rsh to the remote
>hosts without being prompted for a password" (using
>whatever mechanisms rsh uses for this).
Bengt has answered this. I propose that you make sure that
the shell given to the user is restricted. I would also
avoid giving the users access to the erlang shell.
Unfortunately, we still do not have an erlang shell with
Regarding distributed erlang, there are a couple of things
you can do to increase security:
- You may use net_kernel:allow/1 to restrict which nodes are
allowed to connect to your system using distributed erlang
- By starting erlang with the boot flag
'erl -kernel dist_auto_connect never', you can further
restrict applications from connecting from your node
to others (one can still do it explicitly, using
- Do not use distributed erlang for your user interface.
Rather, use some socket RPC, CORBA, UBF, or similar.
This allows you to restrict what functions can be
called from the outside (e.g. not allowing things like
os:cmd("rm -rf /") or erlang:halt().)
Ulf Wiger, Senior Specialist,
/ / / Architecture & Design of Carrier-Class Software
/ / / Strategic Product & System Management
/ / / Ericsson AB, Connectivity and Control Nodes