如何在C#应用程序中安全地存储FTP凭据? [英] How to store FTP credentials securely in C# application?
问题描述
我正在开发一个C#WPF应用程序,其中用户生成图像,然后该应用程序使用FTP连接将其上传到虚拟主机。
FTP连接的凭据始终相同,当前仅存储在源代码中。
我知道,使用.NET Reflector,黑客可以很容易地获得FTP连接的用户名和密码。
如何以及在哪里存储这些凭据以防反编译?
还是有比使用FTP上传文件更好的方法?
I am developing a C# WPF application in which the user generates an image and then the app uploads it to a webhosting using FTP connection. The credentials for the FTP connections are always the same and are currently stored simply in the source code. I know that using .NET Reflector, a hacker can very easily obtain the username and password for the FTP connection. How and where could I store these credentials to be secure from decompilation? Or is there a better way instead of using FTP to upload the file?
推荐答案
您不能允许用户访问本身知道您不希望用户知道的凭据的程序。用户始终最终将能够从程序中提取凭据。您也许可以放慢它们的速度,但是通常会使用复制保护演算:
You cannot allow a user access to a program that itself knows credentials which you don't want the user to know. The user will always be able to eventually extract the credentials from the program. You may be able to slow them down, but the usual copy-protection calculus applies:
- 如果信息足够有价值,您可以考虑一下您需要保护它,这对于其他人绕过您的保护是足够有价值的。
- 如果您在保护上投入了足够的精力以确保其他人不值得绕过您的保护,那么您的投资本身就超过了信息的价值(即,您花费了太多)。
取决于您与用户的关系以及他们正在使用的计算机上,您有一些选择:
Depending on your relationship to the user and the computer they are using, you have some alternatives:
- 给他们凭据,在安装后将其输入程序配置中。当然,只有在您信任它们的情况下,才执行此操作。
- 将FTP连接代码作为Windows服务实施。将凭据提供给将要安装程序的其他人,其他人将安装该程序,并使用凭据配置该服务。用户将只能访问将与该服务通信的客户端程序,而该客户端程序又将代表该用户处理FTP通信。同样,仅当您信任安装程序的人,并且不受信任的用户在计算机上没有管理员权限时,才执行此操作。
- 按用户颁发凭据。坦白说,这是恕我直言的最佳方法。优点包括:
- 用户不知道任何会影响他人资源安全性的信息,
- 您没有试图向用户隐藏任何内容,
- 您可以基于每个用户监视对FTP资源的访问,并且
- 您可以撤消特定用户的凭据,而不会影响您的其他用户。
- Give them the credentials, to be entered in the program configuration after it's installed. Do this only if you trust them of course.
- Implement the FTP connection code as a Windows service. Give the credentials to someone else who will install the program, which will in turn install the service, configured with the credentials. The user will have access only to a client program that will communicate with the service, which in turn will handle the FTP communications on behalf of the user. Again, do this only if you trust the person installing the program, and the untrusted user does not have admin rights on the machine.
- Issue per-user credentials. Frankly, this is IMHO the best approach. Advantages include:
- The user doesn't know anything that would affect the security of anyone else's resources,
- You don't have to try to hide anything from the user,
- You can monitor access to the FTP resource on a per-user basis, and
- You can revoke the credentials for a specific user without affecting your other users.
这篇关于如何在C#应用程序中安全地存储FTP凭据?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
