On Fri, Dec 18, 2009 at 4:38 AM, Quinn <eskimo1@apple.com> wrote:

I'd recommend that you think long and hard before taking this approach. There are two issues:

o DO over TCP -- DO over TCP has serious practical issues. It looks like you've switched to Mach messaging anyway, so I won't go into the details.

That's right, I was only using TCP sockets for initial development because that is what was what most of the example code used. I am using Mach ports and had they not worked, I would have tried UNIX domain ports next. o DO across security domains -- DO is not a great solution for

cross-security domain communications. So if your plan is to run your DO code as a daemon and make its service available to non-privileged users, you should think again.

I have no intention of using DO for "cross-security domain communications." There are numerous reasons why DO is problematic security-wise. Yes, it would be nice to see Apple enhance the usability of DO and add some basic security features to it like this: http://sourceforge.net/projects/securedo/ Thanks for response, Quinn!