如何使用 C# 中的指针安全地清除 TextBox 的内容? [英] How can I securely clear the contents of a TextBox using pointers in C#?
问题描述
我目前正在尝试在 Windows 窗体中制作密码存储系统,我听说您应该在使用完后尽快覆盖包含敏感信息的字符串.由于字符串在 C# 中是不可变的,我决定尝试使用指针清除包含用户名和密码的两个 TextBoxes.我尝试了两种方法 可以您通过不安全的方法更改了(不可变的)字符串的内容?(OP 的方法和接受的答案),但它们似乎都无法清除 TextBox 中的文本(尽管它们适用于普通字符串);我也无法在互联网上找到更多答案.这是一个预期的功能,还是我在我的代码中做错了什么?我的方法是不是有点矫枉过正?我的方法根本行不通吗?
I'm currently experimenting with making a password storage system in Windows Forms, and I heard that you should overwrite strings containing sensitive information as soon as possible once you're done using it. Since strings are immutable in C#, I decided to try clearing the two TextBoxes containing the username and password using pointers. I tried two methods from Can you change the contents of a (immutable) string via an unsafe method? (OP's method and the accepted answer), but neither of them seemed able to clear the text from a TextBox (although they worked for ordinary strings); I also couldn't find any more answers on the internet. Is this an intended feature, or am I doing something wrong in my code? Is my method overkill? Does my method not work at all?
代码:
// First method that I tried
unsafe
{
if (this.textBox1.Text != String.Empty)
fixed (char* usr = this.textBox1.Text)
for (int i = 0; i < this.textBox1.Text.Length; i++)
usr[i] = '\0';
if (this.textBox2.Text != String.Empty)
fixed (char* pwd = this.textBox2.Text)
for (int i = 0; i < this.textBox2.Text.Length; i++)
pwd[i] = '\0';
}
// Second method that I tried
if (this.textBox1.Text != String.Empty)
{
GCHandle gcU = GCHandle.Alloc(this.textBox1.Text, GCHandleType.Pinned);
unsafe
{
char* usr = (char*)gcU.AddrOfPinnedObject();
for (int i = 0; i < this.textBox1.Text.Length; i++)
usr[i] = '\0';
}
gcU.Free();
}
if (this.textBox2.Text != String.Empty)
{
GCHandle gcP = GCHandle.Alloc(this.textBox1.Text, GCHandleType.Pinned);
unsafe
{
char* pwd = (char*)gcP.AddrOfPinnedObject();
for (int i = 0; i < this.textBox2.Text.Length; i++)
pwd[i] = '\0';
}
gcP.Free();
}
如果有人想知道,我使用的是 .NET Framework 4.8.
In case anyone's wondering, I'm using .NET Framework 4.8.
推荐答案
通常,内存中的数据可能包含敏感数据.程序操作的所有数据在某个时候都需要在内存中,所以当然内存中也有敏感数据(不仅是密码,当然还有你使用这个密码获取的数据、用户名、电子邮件地址、等等.).一旦数据不再使用,就可以(或多或少地)从内存中擦除数据,但这并不能真正解决问题,它可能只会降低数据泄露的风险.
Generally, data in memory can contain sensitive data. All data the program operates on needs to be in memory at some point, so of course there's also sensitive data in memory (not only passwords, but of course also the data you fetch using this password, user names, e-mail-addresses, etc.). It is (with more or less effort) possible to erase the data from memory as soon as it is no longer used, but that doesn't solve the issue really, it might just reduce the risk of leaking the data.
然而,正如我在上面的评论中所说的,如果有人访问程序内存,安全就会受到损害,他或她可以对程序数据做任何想做的事情,并且还可以在活动的权限下开始执行任务用户.
However, as I stated in the comments above, if somebody gets access to the program memory, security is compromised, and he or she can do whatever one wants with the program data and also start executing tasks with the permissions of the active user.
在 Windows 上,通常允许调试自己的程序,因此在计算机上执行的任何程序(理论上)都可以从同一用户拥有的任何其他正在运行的程序读取所有数据,因为调试意味着读取和写入程序的内存.或多或少,防止这种情况的唯一方法是防止 PC 被恶意软件感染.
On Windows, debugging one's own programs is typically allowed, so any program that executes on a computer can (theoretically) read all data from any other running program owned by the same user, because debugging implies reading and writing the program's memory. More or less the only way to prevent this is to prevent that the PC gets infected by malware.
这完全独立于所使用的程序语言.
This is completely independent of the program language used.
这篇关于如何使用 C# 中的指针安全地清除 TextBox 的内容?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
