Safe Shared Memory in 2022

As part of our work on BigBuffers and procedure calls, we have come up against the realisation that there is no simple way to have “invite-only” shared memory in 2022.

Windows

The situation is worst on Windows, where there appear to be almost no controls whatsoever. Our initial investigation suggested that it was fundamentally impossible to develop any type of shared memory that was safe, but we think we have developed a reasonable approach that at least reduces the opportunity for interception and problems.

Linux

At least in Linux it is possible to put some controls on a shared memory buffer, for instance ensuring the allocation length is not changed unilaterally.
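The post does not name the Linux mechanism it has in mind; one that gives this kind of control is memfd file sealing, which is assumed here. This is an added example, not the authors' code, and the function names are hypothetical: the owner freezes the buffer length, and a peer verifies the seals before mapping a descriptor it was handed.

```c
#define _GNU_SOURCE 1 /* exposes F_ADD_SEALS and MFD_* in glibc headers */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Fallback values from the Linux UAPI headers, used only if libc hides them. */
#ifndef F_ADD_SEALS
#define F_ADD_SEALS 1033
#define F_GET_SEALS 1034
#define F_SEAL_SEAL 0x1
#define F_SEAL_SHRINK 0x2
#define F_SEAL_GROW 0x4
#endif
#ifndef MFD_ALLOW_SEALING
#define MFD_CLOEXEC 0x1U
#define MFD_ALLOW_SEALING 0x2U
#endif
#define SIZE_SEALS (F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_SEAL)

/* Owner: create an anonymous buffer of len bytes and freeze its length. */
int create_sealed_buffer(const char *name, size_t len) {
    int fd = (int)syscall(SYS_memfd_create, name, MFD_CLOEXEC | MFD_ALLOW_SEALING);
    if (fd < 0) return -1;
    if (ftruncate(fd, (off_t)len) < 0 || fcntl(fd, F_ADD_SEALS, SIZE_SEALS) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Peer: check a received fd before mmap; returns 1 if nobody can resize it. */
int buffer_length_is_fixed(int fd) {
    int seals = fcntl(fd, F_GET_SEALS);
    return seals >= 0 && (seals & SIZE_SEALS) == SIZE_SEALS;
}

/* Attempt a resize; returns 0 on success, otherwise errno (EPERM when sealed). */
int try_resize(int fd, size_t new_len) {
    return ftruncate(fd, (off_t)new_len) == 0 ? 0 : errno;
}

int main(void) {
    int fd = create_sealed_buffer("demo", 4096); /* constructed name and size */
    if (fd < 0) { perror("create_sealed_buffer"); return 1; }
    printf("fixed=%d shrink=%d grow=%d\n", buffer_length_is_fixed(fd),
           try_resize(fd, 1024), try_resize(fd, 8192));
    return close(fd);
}
```

F_SEAL_SEAL is included so that the seal set itself cannot be changed later; the seals constrain length only, not who may write to the buffer.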

macOS

As always, Apple has made things complicated… but at least they have a reasonably sane way to share memory between processes in a secure manner, even if it does require a separate LaunchAgent process to handle introductions.