加密web.config中使用受保护的配置没有意义? [英] Encrypting web.config using Protected Configuration pointless?
问题描述
我一定是失去了一些东西......
I must be missing something...
所以我搞清楚加密web.config中的数据库连接字符串和SQL会话状态的连接信息的最佳途径的过程。我很快找到一个穿行在MSDN上使用受保护的配置加密的web.config部分解释: 使用受保护的配置 MSDN演练
So I am in the process of figuring out the best way of encrypting the database connection string and sql session state connection info in web.config. I quickly find a walk through on msdn explaining using protected configuration to encrypt parts of the web.config: MSDN walkthrough on using Protected Configuration
所以,我想很大的,有在地方做这样的机制,它看起来很简单的。我到演练结束后,他们提供源$ C $下,可用于所有的连接字符串解密一个aspx页面!!!!
So I am thinking great, there is a mechanism in place to do this and it looks very simple. I get to the end of the walkthrough, and they provide the source code for an aspx page that can be used to decrypt all the connection strings!!!!
有什么意义???我没有在此Web服务器上运行的任何ftp服务,只有这样,任何人都将要看到的web.config的是,如果他们可以访问到该网站公布的文件系统。如果他们有那么所有他们所要做的是使用提供的code到解密。
What is the point??? I dont have any ftp service running on this web server, the only way anyone is going to see web.config is if they have access to the file system where the website is published. If they have that then all they have to do is use the provided code to unencrypt.
我在想什么?有没有更好的方法来加密这些?如果我摇自定义解决方案将其用于SQL会话状态的一部分工作? (不相信,甘蔗从web.config中删除)
What am I missing? Is there a better way to encrypt these? If i roll a custom solution will it work for the sql session state part? (dont believe that cane be removed from web.config)
推荐答案
您至少需要写访问到文件系统,以便能够解密,假设你使用的DPAPI供应商。方法来解密包括:
You need at least write access to the filesystem to be able to decrypt it, assuming you're using the DPAPI provider. Ways to decrypt it include:
- 在复制一个aspx页面中包含解密code到服务器,并导航到该
- 请在服务器上运行一个应用程序对其进行解密。
但它可以防止解密未经授权的用户谁拥有读访问文件系统或文件系统的备份。
But it protects against decryption by an unauthorised user who has read access to the filesystem or a backup of the filesystem.
通常你会设置你的生产服务器,以便只有授权管理员就可以登录到服务器或写入到文件系统。
Typically you would set up your production servers so that only authorized adminstrators can log in to the server or write to its filesystem.
开发可能远程读取访问支持的目的,并且将不能够配置文件远程解密。
Developers might have remote read access for support purposes, and would not be able to decrypt the config file remotely.
加/解密很容易与标准库:最困难的部分就是确保只有经过授权的人访问密钥
Encryption/decryption is easy with standard libraries: the hard part is ensuring only authorized people have access to the keys.
如果您使用的是DPAPI,你基本上委派密钥的管理Windows的安全。如果使用其他供应商,如RSA,你需要存储的关键地方,并保护它免受未经授权的访问,例如使用访问控制列表。
If you're using DPAPI, you're essentially delegating management of the keys to Windows security. If you use another provider such as RSA, you need to store the key somewhere, and protect it against unauthorized access e.g. using an ACL.
这篇关于加密web.config中使用受保护的配置没有意义?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
