I used to do that, I had a sort of IDE that launched a local server, bound to localhost.
The launching process would send a random password through stdin to the child after launch, and the child would use that to authenticate the further RPC calls.
It's surprisingly hard to intercept a process' stdin stream.
The launching process would send a random password through stdin to the child after launch, and the child would use that to authenticate the further RPC calls.
It's surprisingly hard to intercept a process' stdin stream.