Uploaded image for project: 'Qt Creator'
  1. Qt Creator
  2. QTCREATORBUG-3074

In the run settings, Warn about the security risk of having a port open.

    XMLWordPrintable

Details

    Description

      Follow up QTBUG-13775

      When starting the qmlobserver, or when debugging QML, it opends a connection that is available from the outside work. A hacker could connect to that port and execute any javascript.

      The user should be warned from the creator interface that opening a debug connection is insecure and that he should use a firewall.

      Later on, a proper solution with a secret cookie in the debug protocol can be implemented.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            kkohne Kai Köhne
            goffart Olivier Goffart (closed Nokia identity) (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes