Time to use AF_UNIX
Posted Aug 9, 2024 4:13 UTC (Fri) by Cyberax (✭ supporter ✭, #52523)
In reply to: Time to use AF_UNIX by quotemstr
Parent article: 0.0.0.0 Day: Exploiting Localhost APIs From the Browser (Oligo Security)
> More secure: AF_UNIX sockets (at least non-abstract-namespace ones) are files and all the DAC and MAC rules that apply to files apply to these sockets: TCP is uncontrolled (as the 0.0.0.0-day thing reminds us)
On Linux, you can actually find the process that made the connection to your server (on localhost). On one of my previous jobs, it was used by a key distribution daemon to verify that the request came from an allowlisted local user.