Ok, Mach messaging, not Unix sockets. That is helpful, thank you. With regards to identifying the remote peer-- in my case this shouldn't be an issue, correct? Since the XPC service in my case here is an embedded service, so my extension should be the only process that can use it. My main concern still then can the data be intercepted in transit, no so much that another process could hijack the service itself. I know next to nothing about Mach messaging, so I have a little more digging to do then. But the fact the this looks like something that happens at the kernel level is encouraging from a security standpoint.

This perfectly addresses my concern. You are correct this is a nested appex, and in that appex there is an XPC service. I wanted to make sure that malicious software could not intercept data between the appex and the XPC service. The data in this case is not something I'm trying to protect from the user, only from malware. Thanks again for all your help.

This perfectly addresses my concern. You are correct this is a nested appex, and in that appex there is an XPC service. I wanted to make sure that malicious software could not intercept data between the appex and the XPC service. The data in this case is not something I'm trying to protect from the user, only from malware. Thanks again for all your help.