I am working on a wxWidgets GUI application that allows the user to upload files to an FTP server and the user name / FTP server Password is required to reach.
As far as I know, STL strings or even four * string appear to end the user, even the program is already compiled, hex editor or perhaps Like string extractors
So, is there a safe / secure way to store sensitive information inside the C ++ application?
PS I can not use .NET for this application.
It is independent of the actual programming language used.
FTP is a protocol that transmits its passwords in plain text. Any amount of ambiguity will change, and an attacker can easily block the password as if it is transmitted.
There is no other problem, no protocol will be used, this will change the fact that your application is decoding Should be enabled Once you start looking at the secure protocol (like SFTP), then you can also get the infrastructure. For automated access to secure authentication (such as public / private key) You are still responsible for not having the key file to be used for anyone else on the file system - which can not be enough - depending on the operating system and overall setup. But since we are talking about an interactive application, then the easiest way is not authentication is automatically automatic, but for the user and password the user After all, they should know, should they not be inquired? Edit: By enhancing the excellent comment by Kate Gregory, if the user accesses a normal "technical" (or anonymous) server, your app has been uploaded by Files should not be visible on the server before you make some sort of filtering. A common method of doing this is the "Upload" directory where the file can be uploaded, but can not be downloaded from. If you do not take these precautions, then people will not be able to share all kinds of illegal file to your FTP server. For use as turntable, and you are legally responsible for that.
Comments
Post a Comment