At 00:09 -0500 17/12/09, Frank Rizzo wrote:
I am trying to create a launchd daemon that is started "on-demand" by a client call to a TCP port number and then communicate with the client via Distributed Objects.
I'd recommend that you think long and hard before taking this approach. There are two issues:

o DO over TCP -- DO over TCP has serious practical issues. It looks like you've switched to Mach messaging anyway, so I won't go into the details.

o DO across security domains -- DO is not a great solution for cross-security domain communications. So if your plan is to run your DO code as a daemon and make its service available to non-privileged users, you should think again.

There are numerous reasons why DO is problematic security-wise. The most obvious is that DO makes heavy use of Cocoa archiving (to serialise objects and send them over the wire), and Cocoa archives are not recommended across security domains.

<http://developer.apple.com/iPhone/library/documentation/Security/Conceptual/SecureCodingGuide/Articles/ValidatingInput.html#//apple_ref/doc/uid/TP40007246>

Beyond that, DO is a huge and complex piece of code with lots of flexibility on lots of axes, and adding all of that code to your attack surface [1] is a bad idea.

S+E
-- 
Quinn "The Eskimo!" <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

[1] <http://en.wikipedia.org/wiki/Attack_surface>
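
Added example, not part of the message above or of any Apple sample: the concern about Cocoa archives crossing a security domain, illustrated with Foundation's NSSecureCoding, an API that postdates this 2009 thread. `PingRequest` and `DecodeRequest` are hypothetical names, and both archives are constructed in-process as sample input. The decoder names the one class it will accept, so an archive carrying any other type is rejected instead of being instantiated.

```objective-c
#import <Foundation/Foundation.h>

// Hypothetical request a daemon might accept from a less-privileged client.
@interface PingRequest : NSObject <NSSecureCoding>
@property (nonatomic, copy) NSString *name;
@end

@implementation PingRequest
+ (BOOL)supportsSecureCoding { return YES; }

- (void)encodeWithCoder:(NSCoder *)coder {
    [coder encodeObject:self.name forKey:@"name"];
}

- (instancetype)initWithCoder:(NSCoder *)coder {
    if ((self = [super init])) {
        // Class-checked decode: a value that is not an NSString fails here.
        NSString *n = [coder decodeObjectOfClass:[NSString class] forKey:@"name"];
        // Type checking is not enough; validate the content as well.
        if (n == nil || n.length == 0 || n.length > 64) return nil;
        _name = [n copy];
    }
    return self;
}
@end

// Decode bytes from an untrusted peer, accepting only a PingRequest root object.
static PingRequest *DecodeRequest(NSData *untrusted) {
    NSError *error = nil;
    PingRequest *req = [NSKeyedUnarchiver unarchivedObjectOfClass:[PingRequest class]
                                                         fromData:untrusted
                                                            error:&error];
    if (req == nil) NSLog(@"rejected archive: %@", error);
    return req;
}

int main(void) {
    @autoreleasepool {
        // Constructed sample input: one expected archive, one of an unexpected type.
        PingRequest *good = [PingRequest new];
        good.name = @"client-1";
        NSData *expected = [NSKeyedArchiver archivedDataWithRootObject:good
                                                 requiringSecureCoding:YES error:NULL];
        NSData *unexpected = [NSKeyedArchiver archivedDataWithRootObject:@[@1, @2]
                                                   requiringSecureCoding:YES error:NULL];
        NSLog(@"expected type   -> %@", DecodeRequest(expected).name);
        NSLog(@"unexpected type -> %@", DecodeRequest(unexpected));
    }
    return 0;
}
```

This assumes ARC and macOS 10.13 or later (`clang -fobjc-arc -framework Foundation`). It narrows what an archive can instantiate; it does not change how Distributed Objects itself serialises messages.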