On Apr 29 2019, at 1:13 pm, Giuseppe D'Angelo via Interest
<interest@qt-project.org> wrote:
> Hi,
>
> On 24/04/2019 21:23, Alexander Ivash wrote:
> > Yeah, it could work in theory, but in practice there already a lot of
> > places which would require such a modification. This solution just
> > doesn't scale.
>
>
> Any preprocessing solution will require modifications at all call sites
> anyhow, wouldn't it?
>
Not obligatory. Simple cases like console.debug() could be found by
regexp/pattern matching and replaced with empty string. It depends on how
powerfull QML preprocessor woud be (if it would exist)
>
> Moreover, resulting binary will contain
> > string 'console.debug('password: ',
> > someFunctionWhichReturnsPasswordFromProtectedStorage());' (well, maybe
> > not if qml compiler was enabled).
>
>
> Why would this be a problem anyhow?
Because reverse-engineer can easily find this in dump and get better
understanding of application internals. To avoid further comments like
'security by obscurity doesn't work' I need to put a disclaimer: I fully
agree!. But I have such a requirements.
> Cheers,
> --
> Giuseppe D'Angelo | giuseppe.dang...@kdab.com | Senior Software Engineer
> KDAB (France) S.A.S., a KDAB Group company
> Tel. France +33 (0)4 90 84 08 53, http://www.kdab.com
> KDAB - The Qt, C++ and OpenGL Experts
>
> _______________________________________________
> Interest mailing list
> Interest@qt-project.org
> https://lists.qt-project.org/listinfo/interest
>
_______________________________________________
Interest mailing list
Interest@qt-project.org
https://lists.qt-project.org/listinfo/interest
