Access restriction to processes

[antaradey-itk]

I have spent some time researching on Iceoryx2 use cases, and design.
However, a question was raised, if the communication between the publishers and subscribers is secure;
Can any process connect as long as it knows the service name? Or is there any in-built mechanism in Iceoryx to authenticate which subscribers are allowed to access the data sent by the publisher?

An alternative is to use ACLs, but that could be an overhead.

Any insights would be appreciated. Thanks.

[elfenpiff]

@antaradey-itk

This is already implemented but in a more implicit way. The one that creates the service, creates it in a manner that only the same user can connect to the service and all other users cannot. You can experiment with this by starting the publisher from the publish subscribe example with:

cargo run --example publish_subscribe_publisher

and the subscriber with another user like

sudo -u another_user cargo run --example publish_subscribe_subscriber

Then you get an error PublishSubscribeOpenError(ServiceInCorruptedState) and when you take a deeper look into the log files you see the entry:

        3 [D] "File::does_exist"
              | Unable to determine if file "/tmp/iceoryx2/services/iox2_b61bd15e8c3ea16146985e960906a8e125156
              | a73.service" exists caused by an unknown error (errno { name = "EACCES", value = 13, details =
              |  "Permission denied" }).

So the other user does not have the access rights to subscribe to it.

But I admit that this is not yet ready for production use. The error message should be more explicit, PublishSubscribeOpenError(ServiceInCorruptedState) is actually wrong here in the end.

The plan for the feature is the following:

• services can be created with explicit publish and send permissions (defined by posix users and groups)
• services can be created with optional owners and then the user can decide via a certificate, key, PID, UID if the counterpart can publish or subscribe to a service.

[antaradey-itk]

Thank you for this information.