Unix sockets or named pipes on Windows | Dagger | Page 1

sudden prairie Nov 22, 2022, 8:36 PM

#

We have been considering whether we should switch to having engine-session communicate with SDKs over unix sockets instead of localhost. The main benefit is a somewhat improved security posture.

I saw somewhere that unix sockets are supported on Windows now, but I have no idea what the state of support actually is. I also believe there's something called "named pipes" on Windows that serve a similar purpose? My main question is whether switching to unix sockets or named pipes would make your work on the Powershell/C# based SDK a lot harder or if you think it'd be easy to deal with.

#

Unix sockets or named pipes on Windows

tribal saffron Nov 22, 2022, 8:38 PM

#

Where would the socket communication happen? You would use this in place of an http endpoint?

sudden prairie Nov 22, 2022, 8:39 PM

#

tribal saffron Where would the socket communication happen? You would use this in place of an h...

Well it would be http requests still, but sent over the unix sock / named pipe rather than over tcp+localhost

tribal saffron Nov 22, 2022, 8:39 PM

#

Named pipes is what docker uses on Windows

#

I don't know how far down the .Net networking stack one has to go to access named pipes.

#

It doesn't look crazy

sudden prairie Nov 22, 2022, 8:42 PM

#

tribal saffron I don't know how far down the .Net networking stack one has to go to access name...

Yeah that's my concern, I'm sure this is technically possible but I don't want to create a huge headache for every SDK developer going forward.

Do you have a link to the graphql client library you were using? Just so I could poke around and see if there's any pre-existing art or something

tribal saffron Nov 22, 2022, 8:43 PM

#

Basically works the same as an IO stream

#

I'm using this module which just wraps PowerShell's Invoke-RestMethod. So, that would break and we'd need a new client that implements named pipes. https://github.com/anthonyg-1/PSGraphQL

GitHub

GitHub - anthonyg-1/PSGraphQL: This PowerShell module contains func...

This PowerShell module contains functions that facilitate querying and create, update, and delete operations (mutations) for GraphQL, which is an an open-source data language for APIs. For more on ...

#

Some existing work: https://www.powershellgallery.com/packages/PoshInternals/1.0/Content/NamedPipes.ps1

#

https://rkeithhill.wordpress.com/2014/11/01/windows-powershell-and-named-pipes/

Keith Hill's Blog

rkeithhill

Windows PowerShell and Named Pipes

A named pipe is a stream-based mechanism for inter-process communication (IPC). The .NET Framework has two types for allow you to use named pipes: System.IO.Pipes.NamedPipeServerStream System.IO.P…

#

And if you want to really go down the rabbit hole, here's the src for Invoke-RestMethod. https://github.com/PowerShell/PowerShell/blob/master/src/Microsoft.PowerShell.Commands.Utility/commands/utility/WebCmdlet/Common/InvokeRestMethodCommand.Common.cs