|Subject||Re: Strategic Replacement for Services API|
> Yes, of course. The front end talks to the back end through a socketPotential security issue - a component that is listening on the
> by exchanging XML. There's no reason to special case localhost.
socket. You will have big problems arguing that it is safe and will
still loose the publicity. The embedded engine is designed to be
invisible, so let's keep it invisible
The company I have worked before considered once releasing the web
based software as a desktop version with a built-in webserver. After a
study the option was rejected because of that single component
listening to the socket connection. Too many trouble with it.
Please, reconsider this approach, or at least suggest another
alternative for backup/restore. Rest of the services are not important
for embedded server.