如何在C#应用程序中安全地存储FTP凭据?
[英]How to store FTP credentials securely in C# application?
问题描述
I am developing a C# WPF application in which the user generates an image and then the app uploads it to a webhosting using FTP connection. 
我正在开发一个C#WPF应用程序,其中用户生成图像,然后该应用程序使用FTP连接将其上传到虚拟主机。 The credentials for the FTP connections are always the same and are currently stored simply in the source code. FTP连接的凭据始终相同,并且当前仅存储在源代码中。 I know that using .NET Reflector, a hacker can very easily obtain the username and password for the FTP connection. 我知道,使用.NET Reflector,黑客可以很容易地获得FTP连接的用户名和密码。 How and where could I store these credentials to be secure from decompilation? 如何以及在何处存储这些凭据以防反编译? Or is there a better way instead of using FTP to upload the file? 还是有更好的方法来代替使用FTP上传文件?
1 个解决方案
解决方案1
0 已采纳 2015-04-01 04:04:55
You cannot allow a user access to a program that itself knows credentials which you don't want the user to know. 您不能允许用户访问本身知道您不希望用户知道的凭据的程序。 The user will always be able to eventually extract the credentials from the program. 用户将始终能够最终从程序中提取凭据。 You may be able to slow them down, but the usual copy-protection calculus applies: 您可能可以放慢它们,但是通常的复制保护演算适用:
- If the information is valuable enough for you to think you need to protect it, it is valuable enough for someone else to bypass your protection. 如果信息足够有价值,使您认为您需要保护它,那么它对于其他人也就足够了,可以绕过您的保护。
- If you invest enough effort into protection to ensure it is not worthwhile to someone else to bypass your protection, then your investment itself exceeded the value of the information (ie you spent too much). 如果您在保护上投入了足够的精力以确保其他人没有必要绕过保护,那么您的投资本身就超过了信息的价值(即您花了太多钱)。
Depending on your relationship to the user and the computer they are using, you have some alternatives: 根据您与用户和他们使用的计算机之间的关系,您可以选择以下方法:
- Give them the credentials, to be entered in the program configuration after it's installed. 给他们提供凭据,安装后将其输入到程序配置中。 Do this only if you trust them of course. 当然,只要您信任他们,就可以这样做。
- Implement the FTP connection code as a Windows service. 将FTP连接代码实现为Windows服务。 Give the credentials to someone else who will install the program, which will in turn install the service, configured with the credentials. 将凭据提供给其他将安装该程序的人,该程序将依次安装使用凭据配置的服务。 The user will have access only to a client program that will communicate with the service, which in turn will handle the FTP communications on behalf of the user. 用户将只能访问将与该服务通信的客户端程序,而该客户端程序又将代表该用户处理FTP通信。 Again, do this only if you trust the person installing the program, and the untrusted user does not have admin rights on the machine. 同样,仅当您信任安装程序的人,并且不受信任的用户在计算机上没有管理员权限时,才执行此操作。
- Issue per-user credentials. 颁发每用户凭据。 Frankly, this is IMHO the best approach. 坦白说,这是恕我直言的最佳方法。 Advantages include: 优势包括:
- The user doesn't know anything that would affect the security of anyone else's resources, 用户不知道任何会影响他人资源安全性的信息,
- You don't have to try to hide anything from the user, 您无需尝试向用户隐藏任何内容,
- You can monitor access to the FTP resource on a per-user basis, and 您可以按用户监视对FTP资源的访问,并且
- You can revoke the credentials for a specific user without affecting your other users. 您可以撤消特定用户的凭据,而不会影响其他用户。
- The user doesn't know anything that would affect the security of anyone else's resources,
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.