-
Notifications
You must be signed in to change notification settings - Fork 2k
Expand file tree
/
Copy pathCleartextStorage.qhelp
More file actions
37 lines (27 loc) · 1.53 KB
/
CleartextStorage.qhelp
File metadata and controls
37 lines (27 loc) · 1.53 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>Sensitive information that is stored unencrypted is accessible to an attacker who gains access to the
storage. This is particularly important for cookies, which are stored on the machine of the end-user.</p>
</overview>
<recommendation>
<p>Ensure that sensitive information is always encrypted before being stored. For ASP.NET applications,
the <code>System.Web.Security.MachineKey</code> class may be used to encode sensitive information.</p>
<p>If possible, avoid placing sensitive information in cookies all together. Instead, prefer storing
a key in the cookie that can be used to lookup the sensitive information.</p>
<p>In general, decrypt sensitive information only at the point where it is necessary for it to be used in
cleartext.</p>
</recommendation>
<example>
<p>The following example shows two ways of storing user credentials in a cookie. In the 'BAD' case,
the credentials are simply stored in cleartext. In the 'GOOD' case, the credentials are protected before
storing them, using <code>MachineKey.Protect</code>, wrapped in a utility method.</p>
<sample src="CleartextStorage.cs" />
</example>
<references>
<li>M. Dowd, J. McDonald and J. Schuhm, <i>The Art of Software Security Assessment</i>, 1st Edition, Chapter 2 - 'Common Vulnerabilities of Encryption', p. 43. Addison Wesley, 2006.</li>
<li>M. Howard and D. LeBlanc, <i>Writing Secure Code</i>, 2nd Edition, Chapter 9 - 'Protecting Secret Data', p. 299. Microsoft, 2002.</li>
</references>
</qhelp>