堆栈内存溢出
  简体   繁体   English

在临时XML配置文件中存储密码的正确方法

[英]Proper Way to Store Passwords in Temporary XML Config File

 原文  2016-03-25 22:40:33       c#/ xml/ child-process/ password-encryption

问题描述

I have created a program that launches a separate child process that performs tasks on files. 我创建了一个程序,该程序启动一个单独的子进程,该子进程对文件执行任务。 Some of these files are password protected, so in order for the child process to run on these files, it needs their passwords. 其中一些文件受密码保护,因此为了使子进程在这些文件上运行,它需要它们的密码。 My plan to accomplish this is to pass an XML config file containing all the file paths and passwords similar to this: 我要实现的计划是传递一个XML配置文件,其中包含所有类似于以下内容的文件路径和密码: 

<Files>
    <File>
      <Path>C:\Users\hahaha\hehehe\file2</Path>
      <Password>123456abc</Password>
    </File>
    <File>
      <Path>C:\Users\blablaa\abc\file1</Path>
      <Password>123456abc</Password>
    </File>
</Files>

This information stays on the local machine and is never passed through a network. 此信息保留在本地计算机上,并且永远不会通过网络传递。 This XML config file is created within the parent process. 此XML配置文件是在父进程中创建的。 The child process takes a string representing the path to this XML config file as an argument. 子进程将代表此XML配置文件路径的字符串作为参数。 The child process will then parse the XML file and then create a dictionary out of the files and passwords ((key, value) => file path, password). 然后,子进程将解析XML文件,然后根据文件和密码((键,值)=>文件路径,密码)创建字典。 After the process completes the config file can be deleted. 该过程完成后,可以删除配置文件。

My question is this: What is the best practice and method for storing the passwords in the config file? 我的问题是:将密码存储在配置文件中的最佳实践和方法是什么? I assume that encrypting them would be sufficient. 我认为加密它们就足够了。 Or if there is an entirely different method that is better, what would that look like? 或者,如果有完全不同的方法更好,那会是什么样?

1 个解决方案

解决方案1
 1 已采纳  2016-03-28 21:33:44

A. Idea is to use Windows Password Manager. 答:想法是使用Windows密码管理器。

  1. Create temporary password for URL "My Super Application" there (if its not created) using CredAPI 使用CredAPI在此处创建URL“我的超级应用程序”的临时密码(如果未创建)
  2. Encrypt XML parts with it. 用它加密XML部分。

B. Idea is to create certificate for application in user personal store using CryptoAPI B.想法是使用CryptoAPI为用户个人商店中的应用程序创建证书

  1. Create and put temporary certificate with both keys in it in a personal user stire using Crypto API 使用Crypto API在个人用户中创建并放置包含两个密钥的临时证书
  2. Encrypt XML parts with it. 用它加密XML部分。

To gain access to the XML bad guy will need to break into the other user account. 为了获得对XML的访问权,坏蛋需要进入其他用户帐户。 If the password will be resetted by admin then all that staff will be lost. 如果密码将由admin重置,则所有人员将丢失。

But storing data in a temporary file just to pass it to a child process is a kinda childish thing. 但是将数据存储在临时文件中只是为了将其传递给子进程是一种幼稚的事情。 Proper way is to use any of this one to accomplish that task 正确的方法是使用任何一种方法来完成该任务

  • Net Remoting 网络远程处理
  • TcpServer - TcpClient and transfer via Network Stream data TcpServer-TcpClient并通过网络流数据传输
  • Memory Mapped File 内存映射文件
  • Pipes 管子

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在XML中存储文件名的正确方法是什么? - What is the proper way to store a file name in XML? app.config 文件是存储密码的安全位置吗? - Is app.config file a secure place to store passwords? 是否可以在“ config”文件中存储分层结构? - If there is a way to store a hierarchical structure in a “config” file? 在Redis中存储和使用配置文件的最佳方法? - Best way to store and use config file in redis? 如何在 App.config 文件中存储 XML 元素 - How to store XML elements in App.config file 将决策表存储在配置文件中的最佳方法是什么? - What's the best way to store a decision table in a config file? 从xml配置文件实例化对象的标准方法 - Standard way to instantiate objects from an xml config file 一种配置NHibernate映射.hbm.xml文件的生成操作的方法? - A way to config the Build Action for NHibernate mapping .hbm.xml file? 存储临时数据的最佳方法是什么? - What is the best way to store temporary data? 与多个项目共享nlog配置和正确的线程安全方式写入同一个日志文件? - Share nlog config with multiple projects and the proper threadsafe way to all write to the same log file?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM