
> I'm talking about local interface decoupled with a local API from implementation.

To expose this "local API" usefully, you must either:

1. Share memory with other processes (new attack vector), or
2. Listen on some kind of network or native socket for messages and authn+authz the commands that come through it based on some security protocol (new attack vector).

The value proposition of an API is to allow control and data flow between an application and some external entity. It seems to me that it has security implications by definition.


