DRD23-J. Do not use loopback when handling sensitive data
Under Construction
This guideline is under construction.
Loopback, that is, connecting network communications to localhost ports, should not be used when handling sensitive data. The localhost ports are accessible by other applications on the device, so their use may result in sensitive data being revealed. Instead, a secure Android IPC mechanism should be used, such as the HttpsURLConnection class or the SSLSocket class .
Similarly, secure communications should never be bound to the INADDR_ANY port since this would result in the application being able to receive requests form anywhere.
For more information on these issues, see: [ Android Security ] section Using Networking .
Noncompliant Code Example
This noncompliant code example shows an application that binds to a localhost network port to send sensitive data.
TBD
Another application could intercept the communication and access the sensitive data
Compliant Solution
In this compliant solution the application uses a secure network connection.
TBD
Risk Assessment
Using localhost or the INADDR_ANY port when handling sensitive data could result in the data being revealed.
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| DRD23-J | Medium | Probable | No | No | P4 | L3 |
Automated Detection
Automatic detection of the use of localhost or the INADDR_ANY port is straightforward. However, it may not be possible to automatically detect whether this use compromises any sensitive data.
Tool
Version
Checker
Description
Bibliography
| [ Android Security ] | Using Networking |
| [ Android API 2013 ] |