Hi all, (originally posted this to erlang-questions, I realize now that this is the more fitting list for that).
I am very new to Erlang, am considering using it in a project, and I have some security concerns. I can see it's quite easy to configure TLS for the node-to-node communication, but making the name-to-port resolution service (epmd) secure seems a bit too complex to me, such as the approach suggested here: https://www.erlang-solutions.com/blog/erlang-and-elixir-distribution-without-epmd.html

So I was thinking, seeing that there are already options to:

1. Start a distributed node without epmd (-start_epmd false)
2. Limit a node's port numbers to a specific range (via inet_dist_listen_min & inet_dist_listen_max)

Wouldn't it be nice if we could also specify a predefined port to spawn/4, to complete that picture? That is, allow spawn to look like:

    spawn("Name@Host:Port", Mod, Func, ArgList).

Then when spawn sees that a port was provided, it can completely skip the "epmd resolution" part and proceed with connecting to the target node via the provided port.

Note: I realize that the "Name" becomes slightly redundant when the Port is explicit. However, this can still be useful - it would be good if the implementation would actually also verify that the port belongs to the provided name at the receiving side, so that a node will not accidentally process a message that wasn't meant for it.

Again, I'm a complete newbie to Erlang in general, so I may be missing something essential here :) But I would love to know what that is, if that's the case, or hear your thoughts in general otherwise :)

Thanks!
