> On Aug 4, 2014, at 11:02 AM, Alex Zavatone <z...@mac.com> wrote: > > If you want to go down the sockets path, there are clear examples on using > NSStream, sockets and Bonjour to send info between apps that are on the same > Mac. Check out the PictureSharing sample and other NSStream samples that are > included in the Xcode help.
If you do this you’ve created a networked app, whether you need that functionality or not. With that come lots of extra security concerns — do you want anyone in the world to be able to anonymously send you pictures? Are you 100% certain your stream code is robust against bad data and won’t crash or overwrite memory or allow access to arbitrary local files? Also, by using Bonjour you’re now actively advertising your app’s presence to the LAN you’re on, making it very easy for anyone nearby to find and connect to. You can mitigate this by binding your listener socket to only the loopback interface (127.0.0.1) which will prevent external connections. Of course you’re still advertising a service to the LAN that no one else can connect to, which seems pointless, but I don’t think there’s any way to restrict Bonjour services to localhost. —Jens _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
