How to control the file ownership of a socket managed by launchd

Tags: file-permissions, launchd, socket

I'm working on writing a daemon that talks to other daemons in the same project over UNIX sockets. For security purposes, it's critical that these daemons only talk amongst themselves (and can't, for example, be connected to by other processes).

I was planning on limiting this access through standard UNIX file ownership and modes. But I can't find anywhere in the launchd.plist documentation on how to control these!

Looking at existing services, you can specify a SockPathMode key, which takes a decimal mode; great. But how do I specify the actual user and group of the created socket? I notice that some of the sockets managed by launchd on my system are owned by root:daemon, some by root:wheel, and some (e.g., ssh-agent), by stouset:wheel. And yet I can't for the life of me determine how and where these ownerships are specified.

Best Answer

Here is the question that is related to this one: https://stackoverflow.com/questions/7984657/run-daemon-as-another-user-on-mac-os-x

If a daemon is run as a dedicated user then all file descriptors and sockets will be owned by that user. Then just add restrictive access permissions to those descriptors.
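
The approach in the answer, sketched as an added example (not code from the original post): a Python script that writes a job definition running the daemon as a dedicated user and group with a restrictive decimal `SockPathMode`, and a check that the socket on disk really has the expected owner, group and mode. The label, program path, account names, socket path and the `Listener` socket name are hypothetical.

```python
import os
import plistlib
import stat


def build_job(label, program, user, group, sock_path, mode=0o660):
    """Return launchd.plist XML (bytes) for a daemon run as user:group."""
    job = {
        "Label": label,
        "ProgramArguments": [program],
        "UserName": user,    # dedicated account the daemon runs as
        "GroupName": group,  # group shared by the cooperating daemons
        "Sockets": {
            "Listener": {    # arbitrary socket name chosen for this example
                "SockPathName": sock_path,
                # Plist integers are decimal: 0o660 is written as 432.
                "SockPathMode": mode,
            }
        },
    }
    return plistlib.dumps(job)


def audit_socket(path, uid, gid, allowed_mode=0o660):
    """Return a list of findings; an empty list means the socket matches."""
    st = os.lstat(path)  # lstat: do not follow a symlink placed at the path
    if not stat.S_ISSOCK(st.st_mode):
        return [f"{path} is not a socket"]
    findings = []
    if st.st_uid != uid:
        findings.append(f"owner uid {st.st_uid}, expected {uid}")
    if st.st_gid != gid:
        findings.append(f"group gid {st.st_gid}, expected {gid}")
    extra = stat.S_IMODE(st.st_mode) & ~allowed_mode
    if extra:
        findings.append(f"mode grants extra bits {extra:04o}")
    return findings


if __name__ == "__main__":
    # All names and paths below are hypothetical.
    xml = build_job("com.example.mydaemon", "/usr/local/libexec/mydaemon",
                    "_mydaemon", "_mydaemon", "/var/run/mydaemon.sock")
    print(xml.decode())
```

Running `audit_socket` against the live socket after the job is loaded confirms the ownership launchd actually applied, rather than assuming it.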