Im thinking of sending sensitive data (encryption keys) from a windows service to an ADFS plugin. Would this be safe?
Asked
Active
Viewed 347 times
0
-
Possible duplicate of [Are pipes considered dangerous to use in Windows, from a security standpoint?](https://stackoverflow.com/questions/234234/are-pipes-considered-dangerous-to-use-in-windows-from-a-security-standpoint) – President James K. Polk Feb 12 '18 at 20:28
-
How will you exchange pipe handles? If you use some other form of IPC (as opposed to starting the process from an authenticated binary and using handle inheritance), then how will you authenticate the peer process? Once you can answer those questions, then the safety of the anonymous pipe itself will come into play. Personally, I would not pass secret keys in the clear over any form of IPC; consider public key crypto. – glenebob Feb 13 '18 at 21:47