FoundationDB

Feature request: support UNIX domain sockets for client->local server access


(Dave Cottlehuber) #1

I’m new to FDB but didn’t find this raised anywhere already - apologies if not.

I’d like to be able to ensure that there is no way for another user application on the same box to be able to use the TCP/IP connection to get direct access to the underlying FDB, and bypass my application’s own security permissions.

For the reasonably common scenario of the FDB server + client application being co-located, it would be great to be able to use a UDS (UNIX Domain Socket) for connectivity, rather than TCP (+ potentially TLS). This would be faster, and significantly easier to secure. I’m aware that right now I don’t have a working application, and therefore an actual performance/security constraint.

With UDS I could simply set appropriate file system permissions, and be sure that only root users could bypass that.


(Alex Miller) #2

FDB still needs to be able to talk to another FDB instance, so I’m not clear how one could do only a unix domain socket, as you seem to be requesting. For a client to be able to access the FDB cluster, they’d need a cluster file. Controlling access to the cluster file would be one way of banning access to the cluster. Another would be to use the TLS support to ensure that your application is the only one that has an appropriate client certificate to be able to authenticate to FDB.

That said, I’d still be in favor of allowing Unix domain sockets in addition to a TCP socket to make it easier and faster for FDB clients to access their co-located FDB servers.
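The file-permission model for a UNIX domain socket raised in posts #1 and #2, as an added example that is not part of the thread and not FoundationDB code (FDB has no such listener here). It is a generic Linux sketch; the socket path and the names `bind_private_uds`, `peer_uid` and `demo` are hypothetical.

```python
import os, socket, stat, struct, tempfile

def bind_private_uds(path):
    """Bind a stream socket that only the owning user can connect to."""
    parent = os.path.dirname(path)
    os.makedirs(parent, mode=0o700, exist_ok=True)
    # A 0700 parent directory is the portable control: some older systems
    # ignore the mode bits on the socket inode itself.
    os.chmod(parent, 0o700)
    if os.path.lexists(path):
        os.unlink(path)                      # remove a stale socket file
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    # Set the umask before bind() so the inode is created as 0600; a chmod
    # after bind() would leave a window with looser permissions.
    # Note: umask is process-wide, so do this before starting threads.
    old = os.umask(0o177)
    try:
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(1)
    return srv

def peer_uid(conn):
    """Return the uid of the connecting process (Linux SO_PEERCRED)."""
    size = struct.calcsize("iII")            # struct ucred: pid, uid, gid
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, size)
    _pid, uid, _gid = struct.unpack("iII", raw)
    return uid

def demo():
    """Bind, connect from the same user, and report modes and the uid check."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "run", "db.sock")   # constructed sample path
        srv = bind_private_uds(path)
        sock_mode = stat.S_IMODE(os.stat(path).st_mode)
        dir_mode = stat.S_IMODE(os.stat(os.path.dirname(path)).st_mode)
        cli = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        cli.connect(path)
        conn, _ = srv.accept()
        # Defence in depth: the server re-checks who is on the other end.
        allowed = peer_uid(conn) == os.geteuid()
        for s in (conn, cli, srv):
            s.close()
        return sock_mode, dir_mode, allowed

if __name__ == "__main__":
    print(demo())
```

Unlike a loopback TCP port, which any local user can connect to, this listener is reachable only by processes that pass both the directory and the socket permission checks, and the server can additionally verify the peer's uid on every accepted connection.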