2017-01-30 11:49 GMT+01:00 Sven Van Caekenberghe <s...@stfx.eu>: > > On 30 Jan 2017, at 11:43, Norbert Hartl <norb...@hartl.name> wrote: > > > >> > >> Am 30.01.2017 um 11:36 schrieb Denis Kudriashov <dionisi...@gmail.com>: > >> > >> Hi Sean. > >> > >> 2017-01-28 19:06 GMT+01:00 Sean P. DeNigris <s...@clipperadams.com>: > >> Have you considered security at all yet? Leaving a port open which > allows > >> arbitrary code to be executed reomotely seems very dangerous... > >> > >> Norbert already answer you. I just put little summary. > >> Currently there is two important issues which must be handled manually: > >> - security. You can manage it by VPN or SSH > >> - distributed garbage collection. You need perform "remotePharo > disconnect" (or "PrmRemotePharo disconnectAll") at the end of your working > session. It cleans server and client from distributed objects. > >> > >> Last issue is at high priority in my todo. When I implement it unused > distributed objects will be collected automatically like local ones. > >> Security option can be added too. Seamless design allows to it. > Probably It can be simple switch to SecureSocketStream instead of > SocketStream. > > > > My advize for security is two-fold. The first reason not to apply > security features to seamless is that it complicates the code base with a > feature that is done better elsewhere. The second reason is that one big > reason why this can be unusable is latency. A high latency makes it very > hard to use the toolkit. So removing everything adding latency should be > avoided. Security is from the image perspective one of those things. > > Explicit/manual SSH port forwarding is easy & safe. Doing it deliberately > makes you more aware of what you are doing, which is very necessary in this > case because of the huge danger involved (giving away full image control). > But it will add its own latency (just like TLS would).
Yes, I agree with you. That's why it is not in priority. But generally I think It would be nice option
