Wladimir [ARCHIVE] on Nostr: 📅 Original date posted:2014-02-21 📝 Original message:On Fri, Feb 21, 2014 at ...
📅 Original date posted:2014-02-21
📝 Original message:On Fri, Feb 21, 2014 at 7:27 AM, Mike Hearn <mike at plan99.net> wrote:
> Bear in mind a separate process doesn't buy you anything without a
> sandbox, and those are expensive (in terms of complexity).
>
Sandboxing in user space is complex, agreed,
The most straightforward way would be to run the blockchain daemon as a
system service (with its own uid/gid and set of Apparmor/SELinux
restrictions) and the wallet daemon as the user.
This would also allow sharing one blockchain daemon between multiple users
and wallet processes (not necessarily on the same machine), something I've
wanted to be able to do for a long time.
Wladimir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140221/b96c1925/attachment.html>
📝 Original message:On Fri, Feb 21, 2014 at 7:27 AM, Mike Hearn <mike at plan99.net> wrote:
> Bear in mind a separate process doesn't buy you anything without a
> sandbox, and those are expensive (in terms of complexity).
>
Sandboxing in user space is complex, agreed,
The most straightforward way would be to run the blockchain daemon as a
system service (with its own uid/gid and set of Apparmor/SELinux
restrictions) and the wallet daemon as the user.
This would also allow sharing one blockchain daemon between multiple users
and wallet processes (not necessarily on the same machine), something I've
wanted to be able to do for a long time.
Wladimir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140221/b96c1925/attachment.html>