MASTG-TEST-0056: Determining Whether Sensitive Data Is Exposed via IPC Mechanisms

Deprecated Test

This test is deprecated and should not be used anymore. Reason: The content from this test was insufficient to port it properly. See Low-Level System IPC Mechanisms and related knowledge for more details on IPC mechanisms. New tests will be added in the future to cover specific IPC mechanisms and their security implications.

Please check the following MASTG v2 tests that cover this v1 test:

No tests are covering this weakness.

Overview

Static Analysis

The following section summarizes keywords that you should look for to identify IPC implementations within iOS source code.

XPC Services

Several classes may be used to implement the NSXPCConnection API:

  • NSXPCConnection
  • NSXPCInterface
  • NSXPCListener
  • NSXPCListenerEndpoint

You can set security attributes for the connection. The attributes should be verified.

Check for the following two files in the Xcode project for the XPC Services API (which is C-based):

Mach Ports

Keywords to look for in low-level implementations:

  • mach_port_t
  • mach_msg_*

Keywords to look for in high-level implementations (Core Foundation and Foundation wrappers):

  • CFMachPort
  • CFMessagePort
  • NSMachPort
  • NSMessagePort

NSFileCoordinator

Keywords to look for:

  • NSFileCoordinator
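
The keyword lists above can be applied to a source tree mechanically. The following Python script is an added example, not part of the MASTG: it tokenizes each line into identifiers and reports every identifier that starts with one of the listed keywords, grouped by IPC mechanism. The function names, the set of file suffixes, and the sample snippet are assumptions made for illustration.

```python
import re
from pathlib import Path
# Keywords from this page's lists; a trailing "*" (mach_msg_*) marks a prefix.
IPC_KEYWORDS = {
    "XPC Services": ["NSXPCConnection", "NSXPCInterface",
                     "NSXPCListener", "NSXPCListenerEndpoint"],
    "Mach Ports (low-level)": ["mach_port_t", "mach_msg_*"],
    "Mach Ports (high-level)": ["CFMachPort", "CFMessagePort",
                                "NSMachPort", "NSMessagePort"],
    "NSFileCoordinator": ["NSFileCoordinator"],
}
# Longest keyword first, so NSXPCListenerEndpoint is not reported as NSXPCListener.
_PREFIXES = sorted(((kw.rstrip("*"), kw, mech)
                    for mech, kws in IPC_KEYWORDS.items() for kw in kws),
                   key=lambda p: len(p[0]), reverse=True)
_IDENT = re.compile(r"[A-Za-z_]\w*")
SOURCE_SUFFIXES = {".h", ".m", ".mm", ".c", ".swift"}  # assumed file types

def classify(identifier):
    """Return (mechanism, keyword) if the identifier starts with a listed keyword."""
    for prefix, kw, mech in _PREFIXES:
        if identifier.startswith(prefix):
            return mech, kw
    return None

def scan_text(text, path="<memory>"):
    """Return one (path, line, mechanism, keyword) tuple per matching identifier."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for ident in _IDENT.findall(line):
            hit = classify(ident)
            if hit:
                findings.append((path, lineno, *hit))
    return findings

def scan_tree(root):
    """Scan every source file under root and return all findings."""
    findings = []
    for f in sorted(Path(root).rglob("*")):
        if f.is_file() and f.suffix in SOURCE_SUFFIXES:
            findings += scan_text(f.read_text(errors="replace"), str(f))
    return findings

# Constructed sample input, not taken from any real app.
SAMPLE = """\
NSXPCListenerEndpoint *ep = [NSXPCListener anonymousListener].endpoint;
mach_msg_header_t hdr;
CFMessagePortRef port = CFMessagePortCreateLocal(NULL, CFSTR("x"), cb, NULL, NULL);
"""
```

Call `scan_tree()` with the path to the project's source directory, or `scan_text(SAMPLE, "Sample.m")` to see the output format. Prefix matching also catches derived names such as `CFMessagePortCreateLocal`, so each hit still needs manual review of what data crosses the IPC boundary.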

Dynamic Analysis

Verify IPC mechanisms with static analysis of the iOS source code. No iOS tool is currently available to verify IPC usage.