scherrey
Are there any best practices to secure a Flame server instance?
We’re trying to build out some infrastructure to allow machine owners with GPUs to “rent out” their machines and allow remote users to push some code into their host without having to worry about security or whether the executed code will go outside of the allowed parameters.
Elixir w/Flame seems to be quite promising as it can still coordinate with the users own BEAM cluster services even though computations on the rented host are restricted.
Is it possible to lock down the BEAM instance or Elixir environment on the rented host so it can’t execute code that goes outside of what’s allowed for that VM?
Most Liked
krasenyp
It’s possible but you should resort to OS level sandboxing and/or virtualization. If you deploy to Linux, you can use LXC or systemd-nspawn. On FreeBSD you can use jails. There are alternatives but without more details, I can’t help really help you. I’ve been planning on writing a jails backend for FLAME for some time.
Popular in Questions
Other popular topics
Latest on Elixir Forum
Sponsor Spotlight
Producing high quality Elixir screencasts since 2017.
Categories:
Sub Categories:
Forums
Our Sponsors
Build Elixir applications with speed and confidence.
Supporting innovation across the BEAM ecosystem.
We build reliable cloud platforms for business-critical systems.
Catch errors, track performance, monitor hosts and more.
Practical resources that improve the lives of professional developers.
Develop your skills with books, videos, and courses.
Producing high quality Elixir screencasts since 2017.
Courses that'll move you from confusion to "Aha, now I get it!"