tags:

views:

538

answers:

3
+1  Q: 

WCF Named Pipe Security and Multiple User Sessions?

I have setup a WPF application that is single instance using a Mutex, this allows for the application to run within each user account if you are using user switching. The application sets up a WCF named pipe so that I can communicate to the single instance from another process (i.e. when the second process runs before it terminates due to the Mutex).

I would like to know if anything should be done (best practices) to secure the named pipe?

Also I would like to know if the named pipe messages would reach all running processes within the system or only within current user session. If the named pipe is sent system wide then what would be the best implmentation to restrict the communication to the current users session?

+1  A: 

Named pipes imply that the communication is point-to-point on the same machine. I believe that it is secured by default, but since communication is never leaving the machine, even on the same network, that security isn't the biggest thing to worry about - at least in regards to the communication between a named pipe component and its consumer.

Check out "Programming WCF Services 2nd Edition" by Juval Lowy. Chapter 10 is all about component security. On page 514, he writes "there is no sense in using Message security over IPC, since with IPC there is always exactly one hop from the client to the service. The chart on that page shows that Transport security is turned on by default for named pipes.

Terry Donaghe  2009-06-23 15:43:40
A: 

This paper on named pipe security discusses the topic in a lot of detail.

In short, if you're not careful you could allow a malicious program running with standard user permission to exploit a pipe to elevate itself to the same privilege level as the named pipe server.

I'm afraid I don't know whether the WCF implementation is secure against this type of attack by default.

romkyns  2010-04-27 15:19:30
+1  A: 

Named pipes in WCF are not accessible from the network and no encryption is required to secure them. However, WCF services are not secure against the attack mentioned by romkyns.

I suggest you read this posts:

http://blogs.charteris.com/blogs/chrisdi/archive/2008/05/19/exploring-the-wcf-named-pipe-binding-part-1.aspx

http://blogs.charteris.com/blogs/chrisdi/archive/2008/06/16/exploring-the-wcf-named-pipe-binding-part-2.aspx

http://blogs.charteris.com/blogs/chrisdi/archive/2008/06/23/exploring-the-wcf-named-pipe-binding-part-3.aspx

http://blogs.charteris.com/blogs/chrisdi/archive/2009/12/04/exploring-the-wcf-named-pipe-binding-part-4.aspx

about the security problems involved.

In short WCF allows ANY process to masquerade itself as the service and:

  1. Either simulate the service OR
  2. Eavesdrop and tamper data assuming that the rogue process itself connect to the service. However, if the service uses access security to check the identity of the calling user this may not be possible.
Steven  2010-08-26 11:53:24

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?