launchd: Mach service lookup failed

Question

A helper tool blessed with root privileges through launchd fails in establishing an NSConnection to my main Program.

The connection works when I launch HelperTool manually with a sudo, which proves that my service is well vended, and that the problem comes from launchd.

The logs are:

12.01.12 12:41:07    Debou[8247]    [CaptureQueue startCaptureQueueThread] Launched NSConnection service Debou-CaptureQueueThread - (** NSConnection 0x100522090 receivePort <NSMachPort: 0x1005511d0> sendPort <NSMachPort: 0x1005511d0> refCount 1 **)
12.01.12 12:41:10    com.apple.launchd[1]    System: Looking up service Debou-CaptureQueueThread
12.01.12 12:41:10    com.apple.launchd[1]    (com.Debou.PacketTool[8260]) Mach service lookup failed: Debou-CaptureQueueThread 

Why launchd would not be able to see my vended NSConnection ?

Answer 1

AIUI this is due to the Mach namespace hierarchy. Your main program will have registered its NSConnection in the user session namespace, while the LaunchDaemon runs in the global context, so it can't see into any session namespaces. Note that when you run the helper with sudo, it still runs in the session context even though it's running as root. See tn2083, especially the "Execution Contexts" and "Daemon IPC Recommendations" sections.

You might be able to vend the connection from the LaunchDaemon and connect from the main program (since session namespaces inherit from the global namespace), but it would probably be better to switch to a different mechanism altogether. As Quinn "The Eskimo!" points out in this message, using distributed objects between security domains (like a user program and a daemon running as root) makes it very hard to do proper input validation, and hence is likely to lead to security bugs.