[launchd-dev] Privilege separation and crash resistance
Thomas Clement
thomascl at free.fr
Wed Sep 30 08:25:49 PDT 2009
Hello,
I think the following architecture is recommended when a daemon needs
to talk to an agent:
- daemon listens on privileged port
- agent is set to run at load time and checks in with the daemon to
vends its mach port
- daemon uses the vended mach port to launch the agent on demand
However if the daemon crashes, it loses the vended mach port and is
unable to launch the agent.
What is the recommended solution to this situation?
Regards,
Thomas
More information about the launchd-dev
mailing list