2017-01-30 11:49 GMT+01:00 Sven Van Caekenberghe <s...@stfx.eu>:

> > On 30 Jan 2017, at 11:43, Norbert Hartl <norb...@hartl.name> wrote:
> >
> >>
> >> Am 30.01.2017 um 11:36 schrieb Denis Kudriashov <dionisi...@gmail.com>:
> >>
> >> Hi Sean.
> >>
> >> 2017-01-28 19:06 GMT+01:00 Sean P. DeNigris <s...@clipperadams.com>:
> >> Have you considered security at all yet? Leaving a port open which
> allows
> >> arbitrary code to be executed reomotely seems very dangerous...
> >>
> >> Norbert already answer you. I just put little summary.
> >> Currently there is two important issues which must be handled manually:
> >> - security. You can manage it by VPN or SSH
> >> - distributed garbage collection. You need perform "remotePharo
> disconnect" (or "PrmRemotePharo disconnectAll") at the end of your working
> session. It cleans server and client from distributed objects.
> >>
> >> Last issue is at high priority in my todo. When I implement it unused
> distributed objects will be collected automatically like local ones.
> >> Security option can be added too. Seamless design allows to it.
> Probably It can be simple switch to SecureSocketStream instead of
> SocketStream.
> >
> > My advize for security is two-fold. The first reason not to apply
> security features to seamless is that it complicates the code base with a
> feature that is done better elsewhere. The second reason is that one big
> reason why this can be unusable is latency. A high latency makes it very
> hard to use the toolkit. So removing everything adding latency should be
> avoided. Security is from the image perspective one of those things.
>
> Explicit/manual SSH port forwarding is easy & safe. Doing it deliberately
> makes you more aware of what you are doing, which is very necessary in this
> case because of the huge danger involved (giving away full image control).
> But it will add its own latency (just like TLS would).


Yes, I agree with you. That's why it is not in priority.
But generally I think It would be nice option

Reply via email to