I have written a web service in Erlang using mochiweb and jiffy and now face the task of deploying it to production. Since it is going to be open to the public, I was wondering how secure Erlang actually is, since this is something that seems to be more or less never talked about.

Erlang itself is a VM language, so should be (hopefully) fairly secure, but many extensions (like jiffy) have NIFs written in C and thus are more prone to buffer overflows and the like if not written carefully and tested thoroughly.

So basically, how should I go about securing an Erlang server on Ubuntu? Restricted user? AppArmor? Or is this overkill?

1 Answer

I'd wager that Erlang itself is orders of magnitude more likely to be secure than the code that's written in it. As far as securing it goes, it's no different to anything else -- you restrict privileges to the minimum necessary and monitor the bejesus out of it. Exact implementation details are up to your discretion, experience, and paranoia.

womble
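
One way to apply the "restrict privileges to the minimum necessary" advice above on a systemd-based Ubuntu host, as an added example that is not part of the original question or answer. The service name `myservice`, the paths under `/opt` and `/var/lib`, the `foreground` start command and the listening port of 1024 or higher are all assumptions.

```ini
# /etc/systemd/system/myservice.service  (hypothetical name and paths)
# Assumes a dedicated account created beforehand with:
#   adduser --system --group --no-create-home myservice
[Unit]
Description=Erlang web service (mochiweb) running with reduced privileges
After=network.target

[Service]
Type=simple
User=myservice
Group=myservice
# Assumed release start command; replace with however the node is started.
ExecStart=/opt/myservice/bin/myservice foreground
Restart=on-failure
# The Erlang runtime needs HOME set; point it at the service's state directory.
Environment=HOME=/var/lib/myservice
# Creates /var/lib/myservice and /var/log/myservice owned by User=.
StateDirectory=myservice
LogsDirectory=myservice

# No privilege gain through setuid binaries or file capabilities.
NoNewPrivileges=true
# Empty capability set; the listener is assumed to use a port >= 1024.
CapabilityBoundingSet=
# Read-only view of the file system apart from the directories above.
ProtectSystem=strict
ProtectHome=true
PrivateTmp=true
PrivateDevices=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
# Narrows what a memory-corruption bug in a C NIF (such as jiffy's) can reach.
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
RestrictNamespaces=true
RestrictSUIDSGID=true
LockPersonality=true
SystemCallFilter=@system-service

[Install]
WantedBy=multi-user.target
```

After `systemctl daemon-reload`, `systemd-analyze security myservice` lists which exposure settings are still open for the unit.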