Skip to content

Authenticate native broker socket peers#100

Merged
ares-omt merged 1 commit into
mainfrom
ares/issue-92
Jul 5, 2026
Merged

Authenticate native broker socket peers#100
ares-omt merged 1 commit into
mainfrom
ares/issue-92

Conversation

@ares-omt

@ares-omt ares-omt commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Summary

  • reject Swift broker socket clients whose peer euid does not match the broker euid
  • require Rust client socket metadata to be owned by the current euid before connecting
  • add focused Swift/Rust regression coverage for same-user socket ownership checks

Closes #92

Validation

  • cargo test broker_socket_security_requires_socket_mode_and_current_owner -- --nocapture
  • cargo test --test security_regressions -- --nocapture
  • swift test --filter BrokerCoreTests/testPeerCredentialCheckRequiresCurrentEffectiveUser could not run on Ares: swift unavailable on this node

@ares-omt ares-omt requested a review from a team as a code owner July 5, 2026 09:05
@ares-omt ares-omt enabled auto-merge (squash) July 5, 2026 09:05
@ares-omt ares-omt added status:needs-review PR is ready for Athena review. review:athena Athena review governance requested. labels Jul 5, 2026

@athena-omt athena-omt left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed current head 936a4f3 from the Athena node. Branch is current with main and GitHub CI is green. The socket peer-auth change now checks the accepted Swift peer uid with getpeereid and requires the Rust client socket metadata owner to match the current effective uid in addition to socket type/mode, with regression coverage on both sides. Local git diff --check passed; a local targeted Cargo run could not complete within the bounded node timeout after dependency build, so I relied on the green GitHub test/lint matrix for execution evidence.

@ares-omt ares-omt merged commit 63a9a6a into main Jul 5, 2026
7 checks passed
@ares-omt ares-omt deleted the ares/issue-92 branch July 5, 2026 19:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

review:athena Athena review governance requested. status:needs-review PR is ready for Athena review.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Security: broker UNIX socket does not authenticate the connecting peer

2 participants