Originally posted by psychoticmeow
View Post
on linux you have only sockets (a few types), named/normal pipes and shm (few ways to obtain)
the msg transport layer does not matter if all you do is send/receive msgs to clients
with UDS you can even broadcast a msg
UDS even lets you find out the PID of the sending process, from it you can find out anything about it
do give me an example of a security flaw of just sending data over UDS
it cant be sniffed, it cant be faked, idk what you can do to compromise it
maybe you are thinking of sending data that makes the program like, idk, copy msg contents to an arbitrary address in memory ?
i imagine that only happening with a shm protocol, if the msg parser is really broken (like, idk, telling it the data length is 10MB)
if the program tilts on a invalid msg it will tilt on an invalid msg
that will happen if the msg was sent over UDP, TCP, UDS, dbus, fifo, whatever
there is nothing specific to something like UDS that would make it any more or less vulnerable
thx for inciting me to validate my statements
it made me find this handy overview of UDS
EDIT:
that reminds me that UDS needs a file somewhere
and a filesystem is a namespace (despite what many seem to think)
so to discover a "service" one would only need to check if the file is there
Comment