📅 Original date posted:2014-02-21
📝 Original message:On Fri, Feb 21, 2014 at 7:27 AM, Mike Hearn <mike at plan99.net> wrote:
> Bear in mind a separate process doesn't buy you anything without a
> sandbox, and those are expensive (in terms of complexity).
>
Sandboxing in user space is complex, agreed,
The most straightforward way would be to run the blockchain daemon as a
system service (with its own uid/gid and set of Apparmor/SELinux
restrictions) and the wallet daemon as the user.
This would also allow sharing one blockchain daemon between multiple users
and wallet processes (not necessarily on the same machine), something I've
wanted to be able to do for a long time.
Wladimir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140221/b96c1925/attachment.html>;
Wladimir [ARCHIVE] /
npub1xq…ymc2p
2023-06-07 15:13:52
in reply to nevent1q…acp2
Author Public Key
npub1xqshkqv2g7uea4xzqwvmgjcz7u8vfavw6aazs999v0azsv3w7u3qpymc2pPublished at
2023-06-07 15:13:52Event JSON
{
"id": "e8db878b840e30be203cc98037a7a03cf27357bccb68b080d094027045b38025",
"pubkey": "30217b018a47b99ed4c20399b44b02f70ec4f58ed77a2814a563fa28322ef722",
"created_at": 1686150832,
"kind": 1,
"tags": [
[
"e",
"9aebc30798366b34740fac6d16d40f9f47d2e3c9df627d88700dd2937bdb6892",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "📅 Original date posted:2014-02-21\n📝 Original message:On Fri, Feb 21, 2014 at 7:27 AM, Mike Hearn \u003cmike at plan99.net\u003e wrote:\n\n\u003e Bear in mind a separate process doesn't buy you anything without a\n\u003e sandbox, and those are expensive (in terms of complexity).\n\u003e\nSandboxing in user space is complex, agreed,\n\nThe most straightforward way would be to run the blockchain daemon as a\nsystem service (with its own uid/gid and set of Apparmor/SELinux\nrestrictions) and the wallet daemon as the user.\n\nThis would also allow sharing one blockchain daemon between multiple users\nand wallet processes (not necessarily on the same machine), something I've\nwanted to be able to do for a long time.\n\nWladimir\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140221/b96c1925/attachment.html\u003e",
"sig": "d7bf949e115567db7082ba73bee2000ed937fed91a6f3aa50fc5c4d4a1e687c0ed31cea9bf64648afa1a4e2190c6687378941fb969363b8379d4ca99faf0dcfa"
}