[Interest] QML and sensitive data
roland at logikalsolutions.com
Thu Sep 5 14:28:04 CEST 2019
On 9/5/19 5:00 AM, Alexander Ivash wrote:
> Thank you for the fast response, but my question is purely about QML. On
> the C++ side I have a lot of ways of nullifying / erasing sensitive
> information *after* it is not needed (let's say after a particular QML
> screen gets closed). But on the QML / JS side I have no control at
> all. Would be great if one of the QML guys could step in and comment too.
The correct solution is to never use QML for anything. It's a needless
burden on the processor _and_ it's insecure. Who wouldn't want to write
everything with that???

Thiago tried to point you in the correct direction, but I think you
missed it. All data must be owned by C++. Never use Q_PROPERTY() so you
can control the lifespan and communications.

I'm guessing you prompt for a username &/or password and have one
control enter the entire thing. Upon success you navigate to a new
dialog/screen/whatever and the insecure luggage is left lying around.
You can "solve" this problem architecturally by not doing that.

Cheap hack #1: assign both fields new values once validated, say "*****"
and force screen update before navigating away.

A much better solution would be to have your own entry control which
sends each character back to C++ and displays first a string with that
character, then after 1-3 seconds changes all visible characters to a *
so the string in QML never contains the complete username or password.
Perform all validation logic within C++ and have C++ own the data. Let
QML be no more than a screen surface.

The best solution would be to use Widgets.

Roland Hughes, President
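
The per-character design described in the message above, sketched as an added example (not code from the post or from Qt): a plain C++ class, hypothetically named `SecretEntry`, owns the typed secret and hands the UI layer only a masked string. The Qt/QML binding and the 1-3 second reveal timer are assumed to live outside it, and the `check` callback stands in for the real credential verification.

```cpp
#include <array>
#include <cstddef>
#include <string>

// Hypothetical C++-side owner of a secret that arrives one keystroke at a time.
// A fixed-size buffer is used so no reallocation leaves stale copies on the heap.
class SecretEntry {
public:
    static constexpr std::size_t kMax = 128;
    ~SecretEntry() { wipe(); }

    // Called once per keystroke from the UI; false when the buffer is full.
    bool append(char c) {
        if (len_ >= kMax) return false;
        buf_[len_++] = c;
        return true;
    }
    void backspace() { if (len_ > 0) buf_[--len_] = 0; }

    // The only string the UI ever receives: '*' per character, with the last
    // character in clear only while the caller's reveal timer is running.
    std::string display(bool revealLast) const {
        std::string out(len_, '*');
        if (revealLast && len_ > 0) out[len_ - 1] = buf_[len_ - 1];
        return out;
    }

    // Validation happens here, in C++; the buffer is wiped whatever the result.
    template <class Check>
    bool validate(Check check) {
        bool ok = check(buf_.data(), len_);
        wipe();
        return ok;
    }

    // Volatile writes so the compiler cannot drop the zeroing as a dead store.
    void wipe() {
        volatile char* p = buf_.data();
        for (std::size_t i = 0; i < kMax; ++i) p[i] = 0;
        len_ = 0;
    }
    std::size_t length() const { return len_; }

private:
    std::array<char, kMax> buf_{};
    std::size_t len_ = 0;
};
```

The one character returned in clear by `display(true)` still passes through the UI layer as a string, so the guarantee is only that the complete secret never does.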