After and if #443 is merged, the communication channel between the auraed daemon and nested auraed cells will be open and unencrypted, which poses a potential security risk. To address this issue, we propose generating new TLS material and providing a TLS certificate to each new nested auraed cell for secure communication with the auraed daemon.
The nested auraed cells are spawned using fork/exec, which presents a challenge in passing the TLS certificate from the auraed daemon to the nested auraed cells.
If it is indeed a security risk, we need to choose which IPC we'll use to pass the certificate.
My guess is the best contender is memfd.
It is a reference-counted file in RAM, which means that we don't have to clean it up once the nested process is gone, and it is possible to pass open FDs through the fork/exec barrier.
Any other solutions or remarks are welcome.
Thanks for reading.
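As an added example (not code from the aurae project), the memfd approach sketched above in C: the daemon creates a sealed memfd holding the cell's TLS material, and a forked child stands in for the nested cell, checking that it sees the same bytes and that the sealed file cannot be rewritten. The memfd name and the PEM contents are constructed placeholders; handing the fd number itself to the child (e.g. as an argument) is assumed and not shown.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed placeholder standing in for the real per-cell PEM material. */
static const char kCertPem[] = "-----BEGIN CERTIFICATE-----\nCONSTRUCTED-PLACEHOLDER\n-----END CERTIFICATE-----\n";

/* Anonymous RAM-backed file holding the TLS material, sealed so nothing holding
 * the fd can later grow, shrink or rewrite it. MFD_CLOEXEC is deliberately not
 * set: the fd has to survive the exec() of the nested cell. */
int create_sealed_memfd(const char *data, size_t len)
{
    int fd = memfd_create("nested-cell-tls", MFD_ALLOW_SEALING);
    if (fd < 0) return -1;
    if (write(fd, data, len) != (ssize_t)len) { close(fd); return -1; }
    if (fcntl(fd, F_ADD_SEALS, F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE | F_SEAL_SEAL) < 0) {
        close(fd); return -1;
    }
    return fd;
}

/* Read the memfd from offset 0; 1 if it matches `expected` exactly, else 0. */
int memfd_matches(int fd, const char *expected, size_t len)
{
    char buf[4096];
    ssize_t n = pread(fd, buf, sizeof buf, 0);
    return n == (ssize_t)len && memcmp(buf, expected, len) == 0;
}

/* Fork; the child stands in for the nested cell: it must see the exact bytes the
 * parent wrote and must be unable to modify them. Returns the child's exit status. */
int fork_and_verify(int fd, const char *expected, size_t len)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) _exit(memfd_matches(fd, expected, len) && write(fd, "x", 1) < 0 ? 0 : 1);
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    int fd = create_sealed_memfd(kCertPem, sizeof kCertPem - 1);
    int rc = fd < 0 ? -1 : fork_and_verify(fd, kCertPem, sizeof kCertPem - 1);
    printf("%s\n", rc == 0 ? "nested cell sees sealed TLS material" : "FAILED");
    return rc != 0;
}
```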