[launchd-dev] Distributed Objects communication with a launchd "on-demand" daemon
Frank Rizzo
jerky.frank.rizzo at gmail.com
Fri Dec 18 20:21:31 PST 2009
On Fri, Dec 18, 2009 at 4:38 AM, Quinn <eskimo1 at apple.com> wrote:
> I'd recommend that you think long and hard before taking this approach.
> There are two issues:
>
> o DO over TCP -- DO over TCP has serious practical issues. It looks like
> you've switched to Mach messaging anyway, so I won't go into the details.
>
That's right, I was only using TCP sockets for initial development because
that is what was what most of the example code used. I am using Mach ports
and had they not worked, I would have tried UNIX domain ports next.
o DO across security domains -- DO is not a great solution for
> cross-security domain communications. So if your plan is to run your DO
> code as a daemon and make its service available to non-privileged users, you
> should think again.
>
I have no intention of using DO for "cross-security domain communications."
There are numerous reasons why DO is problematic security-wise.
Yes, it would be nice to see Apple enhance the usability of DO and add some
basic security features to it like this:
http://sourceforge.net/projects/securedo/
Thanks for response, Quinn!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/launchd-dev/attachments/20091218/0ac5adaf/attachment.html>
More information about the launchd-dev
mailing list