A Unix® domain socket is a special socket type within the Unix® operating system (OS) that transfers data from one application to another. Unlike other sockets, which typically connect to other systems, the Unix® domain socket is an inter-process communication (IPC) socket, meaning it only connects to other programs on the user’s computer. Structurally, the domain socket is more like a named pipe than a socket, though it has several features that a pipe does not include. The use of domain sockets is safe, because other networks cannot spy on the data stream, and the socket does not even need a network to function.
Sockets, in every OS, are used to stream bytes from one program to another in a two-way flow, meaning that while data are leaving, other data are coming in. This normally is used as a bridge for other servers and computers, but not in the case of a Unix® domain socket. These special sockets are used to push data from the Unix® filesystem to another program rather than an outside network.
While the Unix® domain socket shares many socket-related tasks and abilities, it is more like a named pipe. A named pipe is a way for the computer to stream data from one section to another. It is called a named pipe because the pipe is given a name, just like the Unix® domain socket has a name — the Unix® filesystem itself functions as the name. The major difference between these two is that pipes can only offer byte stream sequences, in which data are read as they are sent, while domain sockets offer byte stream and datagram, in which information is read as a packet. Byte stream is better in terms of security, whereas datagram is better for systems that send continuous messages.
Unix® domain sockets are not made to integrate with outside networks, but they offer many convenient functions for local networks, whether one person or several people are using the computer. By using the Unix® domain socket instead of other types of sockets, the programs can obtain authentication, or permission, without the user having to enter it manually. The domain socket also takes on the rules of the Unix® system, which is helpful if different users are given different levels of access, because these rules can be written to the system and they will be heeded.
More than other sockets and pipes, a Unix® domain socket is secure. Domain sockets will not allow a non-trusted network to listen to the data stream, and remote computers cannot connect to the stream without access. All authentication and login information is located on the Unix® domain, so the user will never have to enter a password or user name to login to the server. This means programs that listen to keystrokes will not obtain this information.