I'm struggling with the best way to handle FFI (foreign function interface) dynamically generated shared libraries. Seeing files written to /tmp and requiring allow of 'execute' is a bit scary to me. This is after all the kinds of things viruses do, right. I'd prefer no one use FFI but that isn't an option. I've thought about changing the location where they are written and adding a custom type for them but maybe this is overkill. Thoughts, alternative ideas? Ted
