堆栈内存溢出
  简体   繁体   English

iPhone:可以更改应用程序“文档”文件夹中的数据吗?

[英]iPhone: is it possible to alter data in an application's Documents folder?

 原文  2009-02-04 01:31:08       iphone

问题描述

I am building an iPhone game where I store the player's game data in the Documents folder of the application. 我正在构建一个iPhone游戏,该游戏将玩家的游戏数据存储在应用程序的Documents文件夹中。 The game data is serialized to disk using encodeWithCoder. 使用encodeWithCoder将游戏数据序列化到磁盘上。 Using this approach, am I at risk of malicious players altering the game data by hand? 使用这种方法,我是否有恶意玩家手动更改游戏数据的风险?

I know jail broken phones give you ssh access to your phone. 我知道越狱的手机会给您ssh访问手机的权限。 So in theory, a player can ssh into his phone, find the game data, and edit it using vi to tweak their data? 因此,从理论上讲,玩家可以将手机缩进手机中,找到游戏数据,并使用vi对其进行编辑以对其数据进行调整吗?

I have a jail broken phone for testing and I'm trying it now, but each attempt at editing it seems to corrupt the file and make it impossible to be read by the game. 我有一部坏掉的手机用于测试,现在正在尝试中,但是每次尝试编辑它似乎都损坏了文件,导致游戏无法读取该文件。

I'm also trying to scp the data file to my dev machine, open it up using xcode, tweaking the values, and sending it back to the app. 我也试图将数据文件scp到我的开发机上,使用xcode将其打开,调整值,然后将其发送回应用程序。 But I'm not having any success on seeing the new values appear in the game. 但是我没有看到新的价值出现在游戏中取得任何成功。

So am I safe from this type of exploit? 那么,我可以免受这类攻击吗?

Thanks. 谢谢。

3 个解决方案

解决方案1
 1  2009-02-04 01:44:23

If you are really worried about it, encrypt it. 如果您真的担心它,请将其加密。

I say if since the # of people who are going to jailbreak their phone to hack your app is so miniscule it is not worth worrying about. 我要说的是,既然要越狱以窃取您的应用程序的手机的人数如此之小,就不值得担心。 If and when it is worth worrying about, you can change it. 如果以及何时值得担心,可以进行更改。

This smells like a premature optimization to me. 对我来说,这听起来像是过早的优化。

解决方案2
 0  2009-02-04 01:37:30

No, on a jailbroken iPhone the user can do whatever he likes to do, even change your file. 不,在越狱的iPhone上,用户可以执行他想做的任何事情,甚至可以更改文件。 The only save place is the internet on a by you controlled server. 唯一的保存位置是由您控制的服务器上的Internet。

解决方案3
 0  2009-02-04 14:17:03

Agreed, this sounds like a minor problem. 同意,这听起来像是一个小问题。 Why would a user want to go through the trouble of hex editing their score on a jailbroken device? 用户为什么要麻烦在越狱设备上十六进制编辑分数? The last time I even thought of doing something similar was with Neuromancer on the Apple II+. 我最后一次想到做类似的事情是在Apple II +上使用Neuromancer。

If you do have a case where trusted local data is required as part of some online competition, you could try storing it on the device using the Keychain API, although even that might be accessible to the local user. 如果确实存在某些在线竞争需要可信的本地数据的情况,则可以尝试使用Keychain API将其存储在设备上,即使本地用户也可以访问。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 访问iPhone应用程序的文件文件夹中的文件 - access files in documents folder of application of iphone iPhone EXIF 数据不会从文档文件夹中读取 - iPhone EXIF data will not read from documents folder iPhone中应用程序的“文档”文件夹 - Application's Document folder in iphone iPhone编程:我可以在应用程序的文档目录(根文件夹)中存储多少数据? - iPhone programming: How much data can I store in my app's Documents Directory (root folder)? 是否可以在设置应用程序中动态更改 iphone 应用程序的设置页面? - Is it possible to dynamically alter an iphone app's settings page in the settings app? 是否可以从调试器控制台上查看iphone上的Documents文件夹的内容 - is it possible to see content of Documents folder on iphone from debugger console iPhone上的App Documents文件夹 - App Documents Folder on iPhone iPhone的任何接口来处理在应用程序的Documents文件夹中创建的sqlite数据库? - iphone any interface to deal with sqlite database created in the application Documents folder? 如何获取存储在iPhone应用程序的文件夹中的png文件的尺寸? - How to get dimension of png file stored in documents folder of iPhone application? 将数据复制到iPhone上的Application Data文件夹 - Copying data to the Application Data folder on the iPhone
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM