Some new classes were introduced in Foundation.framework as part of Mac OS X 10.8 (Mountain Lion) to help ease the pain associated with performing IPC (inter-process communication) in Mac OS applications. Among them were NSXPCConnection, NSXPCListener, NSXPCListenerDelegate and NSXPCInterface. You can find the documentation inside the development portal or as part of the Xcode bundle, but this post is meant to show you how easy it truly is to package up messages and send them off to other processes.

But first, a bit of background. What is IPC? Courtesy of Wikipedia, “IPC is a set of methods for the exchange of data among multiple threads in one or more processes. Processes may be running on one or more computers connected by a network. IPC methods are divided into methods for message passing, synchronization, shared memory, and remote procedure calls (RPC). The method of IPC used may vary based on the bandwidth and latency of communication between the threads, and the type of data being communicated.”

Originally, you could have done IPC in OS X using Mach messages, which is how drivers traditionally communicated.

While information sharing and modularity are definitely some of the benefits of IPC, one of the biggest wins in my mind is the fact that we can perform privilege separation with IPC. Consider the following: you have written some code that takes some user input, crunches on it and then returns a result. Note that this doesn’t have to be intensive computation; it could be as easy as interpolating an NSString. User input is a taint source, meaning that the input data is untrusted and could potentially (and perhaps unintentionally) be malicious. If your program were running in a privileged mode or had some increased set of ACLs, and the input were able to exploit a vulnerability, the exploit would inherit the same privilege level as the application. Handing the input to a separate process over IPC means the code that touches untrusted data does not need to hold those privileges.

Another benefit of this separation is crash isolation. Suppose the input causes the program to crash. If the processing were done in the main application, it would crash the entire application. If the processing is done in the daemon, then the daemon can crash and the application would still be alive and well.
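
As an added illustration (not the code from the attached project), here is a minimal NSXPCConnection round trip in Objective-C. The `Cruncher` protocol and `CruncherService` class are hypothetical names, and an anonymous listener stands in for a separate XPC service so that the file builds as a single command-line tool.

```objective-c
#import <Foundation/Foundation.h>

// Hypothetical interface: the only messages the app may send to the helper.
@protocol Cruncher
- (void)crunch:(NSString *)input withReply:(void (^)(NSString *result))reply;
@end

// Service side: the code that touches untrusted input lives here.
@interface CruncherService : NSObject <Cruncher, NSXPCListenerDelegate>
@end
@implementation CruncherService
- (void)crunch:(NSString *)input withReply:(void (^)(NSString *))reply {
    // Constant format string; the input is only ever passed as an argument.
    reply([NSString stringWithFormat:@"Hello, %@", input]);
}
- (BOOL)listener:(NSXPCListener *)l shouldAcceptNewConnection:(NSXPCConnection *)c {
    // Export only the Cruncher protocol; no other selectors are reachable.
    c.exportedInterface = [NSXPCInterface interfaceWithProtocol:@protocol(Cruncher)];
    c.exportedObject = self;
    [c resume];
    return YES;
}
@end

int main(void) {
    @autoreleasepool {
        // Assumption for this demo: an anonymous in-process listener. A real
        // XPC service would call [NSXPCListener serviceListener] in its own bundle.
        CruncherService *service = [CruncherService new];
        NSXPCListener *listener = [NSXPCListener anonymousListener];
        listener.delegate = service;
        [listener resume];
        // Client side: the app holds a proxy, never the service object itself.
        NSXPCConnection *conn =
            [[NSXPCConnection alloc] initWithListenerEndpoint:listener.endpoint];
        conn.remoteObjectInterface = [NSXPCInterface interfaceWithProtocol:@protocol(Cruncher)];
        // With a separate helper process, this runs if the helper exits or crashes.
        conn.interruptionHandler = ^{ NSLog(@"helper went away; app still running"); };
        [conn resume];
        dispatch_semaphore_t done = dispatch_semaphore_create(0);
        id<Cruncher> proxy = [conn remoteObjectProxyWithErrorHandler:^(NSError *error) {
            NSLog(@"request failed: %@", error);  // reply block will not be called
            dispatch_semaphore_signal(done);
        }];
        [proxy crunch:@"world" withReply:^(NSString *result) {
            NSLog(@"%@", result);
            dispatch_semaphore_signal(done);
        }];
        dispatch_semaphore_wait(done, DISPATCH_TIME_FOREVER);
        [conn invalidate];
    }
}
```

Build it with `clang -fobjc-arc -framework Foundation` on the source file.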

I have attached a project that demonstrates NSURLConnection’s ability to say “Hello.” hello.tar.gz
