Ok, Mach messaging, not Unix sockets. That is helpful, thank you.
With regards to identifying the remote peer-- in my case this shouldn't be an issue, correct? Since the XPC service in my case here is an embedded service, so my extension should be the only process that can use it.
My main concern still then can the data be intercepted in transit, no so much that another process could hijack the service itself. I know next to nothing about Mach messaging, so I have a little more digging to do then. But the fact the this looks like something that happens at the kernel level is encouraging from a security standpoint.
tylerfromdavis
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Last seen
User for
Post
Replies
Boosts
Views
Activity
This perfectly addresses my concern. You are correct this is a nested appex, and in that appex there is an XPC service. I wanted to make sure that malicious software could not intercept data between the appex and the XPC service. The data in this case is not something I'm trying to protect from the user, only from malware.
Thanks again for all your help.
This perfectly addresses my concern. You are correct this is a nested appex, and in that appex there is an XPC service. I wanted to make sure that malicious software could not intercept data between the appex and the XPC service. The data in this case is not something I'm trying to protect from the user, only from malware.
Thanks again for all your help.