Preventing RPC access to a single process when using localhost

[johns...@gmail.com]

I've got a process that is running GRPC servers on a single device via localhost in Golang.  This gives me protection from external access, but I would like to restrict down local access as well.  I would not want another user on the same device getting access.  

I could switch over to using domain sockets and use file permissions, but I figure that wouldn't be compatible across multiple OS types (like Windows).  

Adding an auth layer seems like overkill where I restrict this to a specific local user, but maybe that is the only way to do it.  

If anyone has a better method would be great to hear about it.

Thanks!

[Menghan Li]

I would think a transport security layer sounds OK here, since you want it to be compatible across multiple systems...