I am not a guru of stack traces, at all. I don't even know how to get them. Anyway, I am wondering if entering a password entered in an inputbox is safe. Can't it be retrieved by getting a stack trace?


A password entered that way will be found in many places:

TEdit 的 Caption 属性创建输入框的函数结果可能是存储输入框命令结果的变量等等……


If the answer is "yes, it is a vulnerability", then my world collapses :p. What can be done to avoid this security hole?

注意:InputBox 是一个示例,但它可以带有自制"登录提示.InputBox 是一个 Delphi 命令,但我没有用 Delphi 标签标记这个问题,因为我认为这个问题涉及任何语言.

NOTE: The InputBox is an example but it can be with a "homebrewed" login prompt. InputBox is a Delphi command but I haven't tagged the question with the Delphi tag because I suppose that the question concerns any language.


这被称为密闭舱口问题,源于(至少一个来源)道格拉斯·亚当斯 (Douglas Adams) 的一本书中的一章,名为《The Hitchhikers Guide to the Hitchhikers Guide to the Hitchhikers Guide》.星系.在其中,我们的两个主角被一个大卫兵抬着并被扔进一个气闸,等待被疏散到太空中.在某些时候,我们的一个主角说他有一个解决方案,但它宁可涉及到密闭舱口的另一边.".

This is called the airtight hatchway problem, and stems (at least one of the sources) from a chapter in a book by Douglas Adams called The Hitchhikers Guide to the Galaxy. In it, our two protagonists are being carried by a large guard and dumped into a airlock, pending being evacuated into space. At some point, one of our protagonists says that he had a solution, but "it rather involved being on the other side of the airtight hatchway.".



If you have a cracker that is able to execute code (or in other ways "be") on your own machine, you have already lost. There's a ton of things that the cracker can do at that point.


So your first line of defense should be to prevent bad-guys access to your machine, if you can handle that, security becomes much easier.


So no, this is not a vulnerability, it is the fundamental way your computer works.


In the simplest form, if someone is able to get hold of runtime live stack-traces of your program in motion, it probably means they have hooked up something that looks like a debugger to your program and is able to "debug" your program as it runs. A breakpoint could easily grab data from memory, process it, and then resume the program without the user ever knowing anything has happened, but in practice, there are far easier way to get hold of such information provided you can execute code on the system.

现在,话虽如此,在 .NET 和许多其他运行时都支持尝试至少使其更难,而不是存储整个字符串,而是拦截输入框中的一个和一个键击,并对其进行编码与密码的其余部分一起,这样每个字符就不会以纯文本形式存储.

Now, having said that, in .NET and many other runtimes there is support for attempts to at least make it harder, by instead of storing the whole string, they intercept one and one keystroke into your input box, and encodes it together with the rest of the password, so that each character is not stored in plain-text.

但是,处理这个问题的代码使用起来非常麻烦,因为任何尝试以明文形式获取整个密码都会使整个练习变得毫无意义,所以除非你能够传递这样的编码密码 end-结束你的系统,这并没有太大帮助.

However, the code that handles this becomes very cumbersome to work with, simply because any attempt to get the whole password in clear-text would make the whole exercise pointless, so unless you're able to pass such encoded passwords end-to-end around your system, this won't really help much.

在 .NET 中,有问题的类是 System.SecureString.

In .NET, the class in question is System.SecureString.


However, again, if the bad-guy can execute code on your platform, what is there to stop him from intercepting the keystrokes and just combining them together to form your password?


