Cryptomator 1.5.8 listening on TCP port on all interfaces (i.e. publicly reachable) - reason / security implications?

I just noticed that Cryptomator 1.5.8-0ppa1 listens on a high-numbered port on all network devices:

tcp6 0 0 :::34949 :::* LISTEN 14414/cryptomator

This does not seem to be an officially assigned service address.

I can successfully connect to this port using telnet, but there’s no incoming data and if I enter random stuff, the connection is dropped by Cryptomator.

Open ports accessible via network can always be a potential security issue, so I’d like to know what it’s used for and if it can be disabled or made to listen on localhost only?

If I’m not mistaken, the IpcFactory should be the reason. Cryptomator uses IPC (inter-process communication) to detect if there is only one instance of Cryptomator running simultaneously. That’s basically it. I don’t think that there are any security implications because no data is processed other than “is the port open/closed”.

© 2020 Skymatic GmbH • Privacy PolicyImpressum