This story was originally posted by me on Medium on 2018-08-29, but moved here since I'm closing my Medium account.
I love Nerves. Unfortunately I...
For further actions, you may consider blocking this person and/or reporting abuse
Sounds like that the use of an almost read-only file system will also improve its security.
So only the
/datadir is writable?IMHO the greatest advantage of the
write-onlyread-only filesystem on an embedded device is that a restart of the device is more likely to fix a bad state and make the device boot successfully.Yes, on my specific device, the
/datadir was already mounted as read-write.I think you meant
read-onlyinsteadwrite-onlyin your reply?I did π
The reason for this cookie existence is to allow to run distributed Erlang/Elixir. So the cookie will be used to allow nodes to talk with each other.
You can read more here, where at some point you will read:
Correct :)
You can also set the cookie on startup of the application with some command line argument or env var, which might prevent erlang from saving a generated cookie. I haven't tried this though.