Is NetNamedPipeBinding binding guaranteed to work only on the same machine?

Question

Hi,

I've created a Windows Service that uses WCF for communications to it. The service should be used be called only from the same machine. If I can guarantee that there's no way to communicate with it from another machine, I can consider it secured.

Since I'm using communications on a single machine, I opted to used NetNamedPipeBinding. This bindings documentation says it's Optimized for on-machine communications, but does not give any guarantees.

My questions is, does NetNamedPipeBinding provide on-machine-only guarantees? If not what binding does, or how would you go implementing a custom bindings that does provide such guarantees?

Thanks,
Asaf

Answer 1

NetNamedPipeBinding is only good for the local machine. See the chart at the post here for a good, methodical way to determine which type of binding to use.

Here's an external link that provides a more definitive answer than just-take-my-word-for-it.

Answer 2

Microsoft published the following on Choosing a Transport on MSDN:

When to Use the Named Pipe Transport

A named pipe is an object in the Windows operating system kernel, such as a section of shared memory that processes can use for communication. A named pipe has a name, and can be used for one-way or duplex communication between processes on a single machine.

When communication is required between different WCF applications on a single computer, and you want to prevent any communication from another machine, then use the named pipes transport. An additional restriction is that processes running from Windows Remote Desktop may be restricted to the same Windows Remote Desktop session unless they have elevated privileges.

That pretty much gives the desired guarantee.