undefined | Better HN

0 pointstoast01y ago0 comments

If you're using zerl on the client and plain dist on the server; the question isn't what Zerl can serialize, but what the server will process.

With stock OTP dist, there is no barrier between nodes. Stock OTP runs an rpc server that you can use to send function calls to run, which can include BEAM code to load (or file I/O to do); and even if that's disabled, you can spawn a process to run a function with arguments on a remote node without needing an rpc server at all.

0 comments

DuLR101y ago

How can one protect the server then? Do we need some special behavior and/or library?

toast0OP1y ago

I'm not aware of anyone running a limited dist to allow for untrusted dist clients. But here's an OTP response to a proposal that's pretty clearly a no [1].

It'd be much simpler to put together a custom protocol to communicate between the client and server. You could use Erlang's External Term Format to exchange data if you want, in which case you'd want to do binary_to_term(Binary, [safe]) to prevent creation of new atoms and new function references which can fill up tables and also consider that just because deserializing is safe for the runtime doesn't mean you can trust the client.

Erlang makes it pretty easy to parse sensible things off of network sockets, if you want to go more custom, too. Binary pattern matching is lovely.

[1] https://erlangforums.com/t/rfc-erlang-dist-security-filterin...

DuLR101y ago

Thanks for the ideas and references! I gotta say, though, that I will be pretty sad if having to write a custom protocol turns out to be the final solution. So much more convenient to use OTP (especially now that we finally have an infinitely extensible serialization library for it; Zerl). I'm shocked such an oversight would exist in a real commercial solution which is the BEAM.

3 more replies

j / k navigate · click thread line to collapse

0 pointstoast01y ago0 comments

If you're using zerl on the client and plain dist on the server; the question isn't what Zerl can serialize, but what the server will process.

0 comments

DuLR101y ago

How can one protect the server then? Do we need some special behavior and/or library?

toast0OP1y ago

I'm not aware of anyone running a limited dist to allow for untrusted dist clients. But here's an OTP response to a proposal that's pretty clearly a no [1].

Erlang makes it pretty easy to parse sensible things off of network sockets, if you want to go more custom, too. Binary pattern matching is lovely.

[1] https://erlangforums.com/t/rfc-erlang-dist-security-filterin...

DuLR101y ago

3 more replies

j / k navigate · click thread line to collapse