User-private connection between my Google Chrome extension and my native program on Linux
Question
I have a 'native' program (in Java) which would like to communicate with a Google Chrome/Chromium extension. The communication contains sensitive informations, and should not be accessible by anybody else than the user running them (and the root of course).
What technology should I choose for this communication channel? Is there even a solution?
EDIT: Of course I could open a TCP/IP port on the local host, but wouldn't it be accessible by other users having an account on the same host? Is there a technic to avoid that side effect?
Could we access unix domain sockets from Google Chrome extensions?
3 answers
solution1
1 2012-04-02 19:25:00
假设您已经熟悉TCP,如果您使用localhost / 127.0.0.1进行通信,则其他计算机将无法看到/可用。
solution2
0 ACCPTED 2012-04-08 07:13:44
The solution that I chose is to have an server socket listening on the loopback interface (/ 127.0.0.1) with a shared secret used as an api key.
The reason is that I didn't realize that in my case each app which connect to my node had to be authenticated .. because each app is treated in a different way, with different access permissions.
solution3
0 2012-04-01 21:51:34
You could solve this at the higher level with a secured SSL communication with certificates etc... IF someone does not have the certificate, then the connection is killed. Moreover, you would benefit from encryption.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.