On Fri, Feb 21, 2014 at 7:27 AM, Mike Hearn <mike@plan99.net> wrote:

Bear in mind a separate process doesn't buy you anything without a sandbox, and those are expensive (in terms of complexity).

Sandboxing in user space is complex, agreed,

The most straightforward way would be to run the blockchain daemon as a system service (with its own uid/gid and set of Apparmor/SELinux restrictions) and the wallet daemon as the user.

This would also allow sharing one blockchain daemon between multiple users and wallet processes (not necessarily on the same machine), something I've wanted to be able to do for a long time.