嵌入式 Qt WebEngine 安全风险
[英]Embedded Qt WebEngine security risk
问题描述
In my QT application, I need to download certain data.
在我的 QT 应用程序中,我需要下载某些数据。 This data is protected and users need to Login to the website to download the data.这些数据受到保护,用户需要登录网站下载数据。 In order to allow users to login, I display the Login Page of our website using QWebEngineView .为了允许用户登录,我使用QWebEngineView显示我们网站的登录页面。 The user enters his credentials.用户输入其凭据。 This generates the required cookies for authentication.这会生成身份验证所需的 cookie。 I store the generated cookies in QNetworkCookieJar .我将生成的 cookie 存储在QNetworkCookieJar 。 I then create a QNetworkAccessManager and add the saved QNetworkCookieJar to QNetworkAccessManager .然后我创建一个QNetworkAccessManager并将保存的QNetworkCookieJar添加到QNetworkAccessManager 。 I then use the QNetworkAccessManager to download the data.然后我使用QNetworkAccessManager下载数据。 This all works fine.这一切正常。 However, in the security review of my project, there were concerns raised that the Login page is under the control of my application and thus I can get the user credentials (for eg. by watching the keystrokes on Login Page).但是,在对我的项目进行安全审查时,有人担心登录页面受我的应用程序控制,因此我可以获得用户凭据(例如,通过查看登录页面上的按键)。
So my question is: Is this security risk real?所以我的问题是:这种安全风险是真的吗? Can I actually get the user credentials?我真的可以获得用户凭据吗? If yes.如果是。 what options do I have to authenticate the user and still avoid any security loopholes?我有哪些选项可以验证用户身份并仍然避免任何安全漏洞?
1 个解决方案
解决方案1
0 2020-01-28 21:20:33
Yes, in a Qt Application you can always catch any keystrokes sent to a widget.是的,在 Qt 应用程序中,您始终可以捕获发送到小部件的任何击键。 The same applies to Google Chrome and almost every web browser out there.这同样适用于谷歌浏览器和几乎所有的网络浏览器。 The user enters the data in the application and it is passed through to the network and across the wires to the web server.用户在应用程序中输入数据,然后将其传递到网络并通过电线到达 Web 服务器。
When considering security risk you always consider two things.在考虑安全风险时,您总是要考虑两件事。 The potential damage and the feasibility of crafting an exploit.制作漏洞的潜在损害和可行性。 The potential damage is high and you can't control that.潜在的伤害很高,你无法控制。 What you can control is the feasibility of creating an exploit.您可以控制的是创建漏洞的可行性。 Considering that you (or your company) control the code, you can make it very hard to exploit the fact that your application knows the credentials.考虑到您(或您的公司)控制着代码,您可能很难利用您的应用程序知道凭据这一事实。 That would make the risk very low.这将使风险非常低。
Even employing something like a hardware dongle would be problem because you have to transfer the data from the dongle to the the web engine.即使使用硬件加密狗之类的东西也会有问题,因为您必须将数据从加密狗传输到网络引擎。 That still can provide a way to intercept it.那仍然可以提供一种拦截它的方法。
Try looking for discussions on software security risk analysis and mitigation.尝试寻找有关软件安全风险分析和缓解的讨论。 There is even an SE site about it, https://security.stackexchange.com/ .甚至还有一个关于它的 SE 站点, https://security.stackexchange.com/ 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.