> I'm somewhat hesitant to introduce this; it's somewhat of a workaround for us
> not being able to run Mir in a window in X,
Actually, no - it isn't a workaround. This is what one of our downstream projects (USC) does and I think it is likely useful for the system compositor case (where the protection is done by other means).
> which it looks like Cemil is actually going to do soon.
>
> If we are going to introduce it, I think it should be as minimal as possible.
> I'd prefer “make utterly insecure socket” over “set security for socket”.
> I'm somewhat hesitant to introduce this; it's somewhat of a workaround for us
> not being able to run Mir in a window in X,
Actually, no - it isn't a workaround. This is what one of our downstream projects (USC) does and I think it is likely useful for the system compositor case (where the protection is done by other means).
> which it looks like Cemil is actually going to do soon.
>
> If we are going to introduce it, I think it should be as minimal as possible.
> I'd prefer “make utterly insecure socket” over “set security for socket”.
That was my thinking too.