Is the inter process communication interface secure?
System information:
- OS: Linux Slackware 64 -current
- DBeaver version 7.3.0
Connection specification:
Does not apply
Describe the problem you’re observing:
At startup, DBeaverInstanceServer looks up a random free TCP port between 20000 and 65000, opens it and binds an RMI server that seems to be used as a way of inter-process communication. It looks like it’s not that secure, since:
- it binds to any available interface, even public ones
- no credentials are needed to use it
- it exports remote methods like `openExternalFiles`, `openDatabaseConnection`, `executeWorkbenchCommand` or just `quit`
If I understand it correctly, the only implemented mitigation is the choice of a random port that gets saved in a text file in order for other instances to know what port to look for. I can see two different problems here:
- a local one, where a user on a system can look up the port used by the java process of another user and just control the DBeaver instance that the other user is running.
- a remote one, where a malicious user can basically gain remote code execution using DBeaver as a trampoline.
About the second problem, I expect you to tell me that any firewall would block remote access to that port. I have two notes on this:
- https://docs.oracle.com/javase/8/docs/technotes/guides/rmi/rmi_security_recommendations.html
- I can imagine an unskilled user having connection problems to a database that tries to create a firewall exception for DBeaver in order to see if it fixes his problems.
Thank you and sorry if I made any wrong assumption here.
Issue Analytics
- State:
- Created 3 years ago
- Comments:5 (2 by maintainers)
Top GitHub Comments
Thank you so much too for your help!
Thanks for bringing this up. Indeed, this is a sort of security hole. Despite the fact that a client machine without a firewall is doomed anyway, we need to close this one.
I think limiting RMI connections to the local machine only will solve the problem. Perhaps this should be configurable.
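
One way to limit an RMI endpoint to the local machine, as suggested in the comment above. This is an added example, not DBeaver's code: the `InstanceControl` interface, its `ping` method, the binding name and port 20000 are assumptions made for illustration.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.RMIServerSocketFactory;
import java.rmi.server.UnicastRemoteObject;

public class LoopbackRmiDemo {
    // Hypothetical stand-in for the application's IPC interface.
    public interface InstanceControl extends Remote {
        String ping() throws RemoteException;
    }
    static final class InstanceControlImpl implements InstanceControl {
        @Override public String ping() { return "pong"; }
    }

    // Server sockets from this factory listen on the loopback address only,
    // instead of the wildcard address used by the default RMI socket factory.
    static final class LoopbackServerSocketFactory implements RMIServerSocketFactory {
        @Override public ServerSocket createServerSocket(int port) throws IOException {
            return new ServerSocket(port, 50, InetAddress.getLoopbackAddress());
        }
        // RMI compares factories to decide whether an existing listener can be shared.
        @Override public boolean equals(Object o) { return o instanceof LoopbackServerSocketFactory; }
        @Override public int hashCode() { return LoopbackServerSocketFactory.class.hashCode(); }
    }

    public static void main(String[] args) throws Exception {
        // Stubs must advertise the loopback address; set this before exporting anything.
        System.setProperty("java.rmi.server.hostname", "127.0.0.1");
        RMIServerSocketFactory ssf = new LoopbackServerSocketFactory();
        int port = 20000; // constructed value for the demo
        Registry registry = LocateRegistry.createRegistry(port, null, ssf);
        InstanceControl impl = new InstanceControlImpl();
        // Export the object on the same loopback-only listener as the registry.
        Remote stub = UnicastRemoteObject.exportObject(impl, port, null, ssf);
        registry.rebind("InstanceControl", stub);

        // A client on the same host still reaches the service through 127.0.0.1.
        InstanceControl client = (InstanceControl)
                LocateRegistry.getRegistry("127.0.0.1", port).lookup("InstanceControl");
        System.out.println(client.ping());

        UnicastRemoteObject.unexportObject(impl, true);
        UnicastRemoteObject.unexportObject(registry, true);
    }
}
```

Binding to loopback covers only the remote case raised in the issue; any local user can still connect to the port, so the local case needs a separate control.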