问题
I am developing a C# WPF application in which the user generates an image and then the app uploads it to a webhosting using FTP connection. The credentials for the FTP connections are always the same and are currently stored simply in the source code. I know that using .NET Reflector, a hacker can very easily obtain the username and password for the FTP connection. How and where could I store these credentials to be secure from decompilation? Or is there a better way instead of using FTP to upload the file?
回答1:
You cannot allow a user access to a program that itself knows credentials which you don't want the user to know. The user will always be able to eventually extract the credentials from the program. You may be able to slow them down, but the usual copy-protection calculus applies:
- If the information is valuable enough for you to think you need to protect it, it is valuable enough for someone else to bypass your protection.
- If you invest enough effort into protection to ensure it is not worthwhile to someone else to bypass your protection, then your investment itself exceeded the value of the information (i.e. you spent too much).
Depending on your relationship to the user and the computer they are using, you have some alternatives:
- Give them the credentials, to be entered in the program configuration after it's installed. Do this only if you trust them of course.
- Implement the FTP connection code as a Windows service. Give the credentials to someone else who will install the program, which will in turn install the service, configured with the credentials. The user will have access only to a client program that will communicate with the service, which in turn will handle the FTP communications on behalf of the user. Again, do this only if you trust the person installing the program, and the untrusted user does not have admin rights on the machine.
- Issue per-user credentials. Frankly, this is IMHO the best approach. Advantages include:
- The user doesn't know anything that would affect the security of anyone else's resources,
- You don't have to try to hide anything from the user,
- You can monitor access to the FTP resource on a per-user basis, and
- You can revoke the credentials for a specific user without affecting your other users.
来源:https://stackoverflow.com/questions/29367241/how-to-store-ftp-credentials-securely-in-c-sharp-application