Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add authentication/encryption when using pipes for IPC #19109

merged 7 commits into from Apr 5, 2019


Copy link

@rafeca rafeca commented Apr 5, 2019

This fixes a potential Atom security issue caused by the fact that in Windows machines there are no ACL mechanisms for named pipes


Atom has some logic to share the same main process when opening different instances (or windows) of the editor.

Currently, this is done in Windows by creating a named pipe the first time that Atom is launched, so subsequent launches can check if the pipe exists and if so they pass the needed information to launch the new Window through the pipe to the main process.

The created pipe name contains some additional information (the Atom version, local username who's launching Atom, cpu architecture), this way multiple users can have different instances of Atom opened without affecting each other.

Security issue

In Windows, named pipes are global and available system wide: any user can create a named pipe, list all the named pipes that exist on the system, connect to any named pipe or sniff messages that travel through any named pipe.


This solution provides 3 different takes:

  1. The named pipe created by the server is not constant between executions but varies randomly, so a malicious user cannot guess what's going to be the name of the pipe and impersonate the server.
  2. The payload sent from the client to the server is now encrypted, so a potential attacker cannot find out the env variables of another user by sniffing the named pipe information.
  3. Clients authenticate themselves to the server when sending the options, so the server can ignore messages from untrusted clients.

In order to implement this whole flow, the server and the clients share a single secret which gets stored in the ATOM_HOME folder on a file only accessible to the current user. This secret gets randomly regenerated every time the server is started.

The secret file name contains the username and the Atom version (e.g ~/.atom/.atom-socket-secret-rafeca-1.35.1, so if either multiple users share the same ATOM_HOME folder or a user launches multiple versions of Atom the different instances are kept isolated and secure.

Implementation details

  • The secret has a length of 32 bytes and is represented in hexadecimal on the secret file.
  • The pipe name is generated from the secret, by using the HMAC authentication with a sha256 hash function and a message fixed to socketName and stripped to 12 chars (to ensure that pipe names are not too long). This avoids leaking the secret through the pipe name.
  • The authentication and encryption of messages from clients to the server is done using GCM encryption with AES-256. The initialization vector is generated randomly for each message and passed in clear text as part of the message.
@rafeca rafeca force-pushed the use-random-socketname branch 2 times, most recently from 26c3520 to a7eb7de Apr 5, 2019
@rafeca rafeca changed the title WIP: Add authentication/encryption when using pipes for IPC Add authentication/encryption when using pipes for IPC Apr 5, 2019
@rafeca rafeca marked this pull request as ready for review Apr 5, 2019
@rafeca rafeca force-pushed the use-random-socketname branch from 011eb29 to 7ad8976 Apr 5, 2019
@rafeca rafeca merged commit 551fa08 into master Apr 5, 2019
2 checks passed
2 checks passed
Atom Pull Requests #20190405.9 succeeded
continuous-integration/appveyor/pr AppVeyor build succeeded
@rafeca rafeca deleted the use-random-socketname branch Apr 5, 2019
smashwilson added a commit that referenced this pull request Apr 23, 2019
Add authentication/encryption when using pipes for IPC

This comment was marked as spam.

Copy link

@EARTHSSTAR3 EARTHSSTAR3 commented on 31d7dd6 May 26, 2019

Only 1st ones last un the middle in each end...


This comment was marked as spam.

Copy link

@sandy2815 sandy2815 commented on src/main-process/atom-application.js in 31d7dd6 May 26, 2019



This comment was marked as spam.

Copy link

@sandy2815 sandy2815 commented on src/main-process/atom-application.js in 31d7dd6 May 26, 2019


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants