I am planning to use Unix domain sockets for IPC (inter-process communication) between two processes running on the same host machine. But I also have to look into data security before choosing Unix sockets.
I just wanted to know whether a "man-in-the-middle" attack is possible if I use Unix sockets without encrypting the data I am sending on that connection?
Any client-server communication in general is vulnerable to MitM attacks: it just depends on how big the attack surface is.
In short, Unix domain sockets are secure in general. You can use POSIX permissions to lock down access to the file descriptor (FD) associated with the socket, and the server side can request information such as credentials and PID of clients before they can fully connect.
If someone wants to intercept the data, they're effectively tampering with a low-level IPC mechanism that's part of the core operating system. If someone is able to do this, the device/system under test (DUT) has already been compromised (i.e., a malicious kernel module or preloaded library is installed).
The most likely avenue for attacking UDS connections would be to run a program using them in a debugger (i.e., gdb), or just using socat on the socket to try and gather data. The latter can be minimized by using an authentication routine and encryption, while the former can't really be helped. If someone has root access to your DUT, he/she can just fire up a root console and launch the client application in a debugger.
It's as secure as your system is.
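The two controls mentioned in the answers above (POSIX permissions on the socket and asking the kernel for the client's credentials) look like this in practice. This is an added example, not code from the original posts; it assumes Linux (`SO_PEERCRED`), and the socket path and function names are hypothetical.

```python
import os
import socket
import struct
import tempfile

def make_server(path, mode=0o600):
    """Bind a listening Unix socket; the socket file is created with `mode`."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    # Set permissions at bind time via umask so there is no window between
    # bind() and a later chmod(). Note: umask is process-wide, not per-thread.
    old = os.umask(0o777 & ~mode)
    try:
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(2)
    return srv

def peer_credentials(conn):
    """(pid, uid, gid) of the peer, recorded by the kernel at connect()."""
    fmt = "iII"  # struct ucred { pid_t pid; uid_t uid; gid_t gid; }
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED,
                          struct.calcsize(fmt))
    return struct.unpack(fmt, raw)

def accept_authorized(srv, allowed_uids):
    """Accept one connection; close it unless the peer UID is allowed."""
    conn, _ = srv.accept()
    creds = peer_credentials(conn)
    if creds[1] not in allowed_uids:
        conn.close()
        return None, creds
    return conn, creds

def demo():
    """Constructed scenario: one allowed and one rejected client."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "ipc.sock")  # hypothetical socket path
        srv = make_server(path)
        file_mode = os.stat(path).st_mode & 0o777
        with socket.socket(socket.AF_UNIX) as c1, \
             socket.socket(socket.AF_UNIX) as c2:
            c1.connect(path)
            ok, creds = accept_authorized(srv, {os.geteuid()})
            c2.connect(path)
            denied, _ = accept_authorized(srv, {os.geteuid() + 1})
            if ok:
                ok.close()
        srv.close()
        return file_mode, creds, ok is not None, denied is None

if __name__ == "__main__":
    print(demo())
```

The credentials come from the kernel rather than from anything the client sends, so an unprivileged client cannot forge them; they do not protect against root or a debugger attached to either process.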