Securing a Unix Domain Socket: Looking for Help

There is a cool hack that we want to introduce in Mono that would allow a remote process to debug a examine data in a running Mono instance. The hack uses the embeddable compiler.

The proposed extension to Mono would use a socket on /tmp/mono-USER/.mono-PID created by the Mono process and set the permissions to read/write for the owner and nothing for the group or other users.

What can go wrong security-wise with the above setup? What should we check that is not immediately obvious?

So far:

  • Create directory with 0600 permissions, bail if mkdir returns anything but 0.
  • Create socket in directory; It should be safe at this point, and change the permissions of the socket (is this really needed?).
Posted on 15 Sep 2008 by Miguel de Icaza
This is a personal web page. Things said here do not represent the position of my employer.