WHAT'S IN THIS CHAPTER?
When to use multiple processes and how to design a multiple-process application
How to handle switching between different users
Communicating between different processes
Limiting processes' access to resources
Verifying a program's identity
Splitting an application into multiple processes can impart significant design benefits. A system comprising a user-interfacing foreground application communicating with a background daemon can carry on its work while the user is not working in the app, or not even logged in. A helper tool can perform some tasks in parallel with the user interface without adding the complication of multi-threaded programming. Applications can take advantage of services provided by other applications and by the operating system through inter-process communication (IPC). The interfaces between these processes must be considered as entry points to the whole system, so both the design and implementation of multi-process systems must be carefully thought out to avoid the introduction of vulnerabilities.
A process that can be controlled by an attacker could potentially be used to perform any task for which the process has the required privileges. If the process is used only for making network connections but also has the ability to replace files in the /Applications folder, then an attacker can subvert it for this second purpose, which isn't even a feature of the application. It is desirable ...