I think the deployment concerns are very real.
I think we want to provide this as a runtime option. In general if you
don't need the complexity of remoting for performance or other reasons I
wouldn't do it. If I were shipping as an OS, I might consider turning it
on by default if I could easily do so.
Here are concerns I have though:
* which user should the shibbbd run as?
* should different services use the same shibbd?
* What are permission and security issues?
Once we've resolved these, I may well be much more interested in shibb
remoting as a runtime default. Today, though I'm definitely interested
in turning it on as a runtime option.
I wonder what the security implications would be of trying to remote and
if that fails, trying to run in-process?
--Sam
|