问题
Is this not a security issue? Even if the xml is validated against the schema, an attacker could still modify the local .xsd file and change it to allow whatever they want. Where should .xsd files be located? And how would you access such a file securely if its stored in a secure location so you can use it for your xml validation in .NET
回答1:
Is your scenario:
- A bad actor wants to attack your system by passing you bad XML that will cause something bad to happen
- To prevent that, you validate the XML against a schema in an XSD
- In order to get around your efforts, the bad actor changes the XSD file on the box that does the validation
Where does this app get installed? Is it on a server? If so, then if the bad actor can change an arbitrary file on your server, then this is the least of your concerns.
If it's on a client PC, then install it with your application. A non-admin user cannot change stuff under "Program Files". If the person is an admin on the box that you are installed on, then there's nothing you can do.
If it's an app on a phone, then I believe my PC comments still hold.
回答2:
You can't stop someone with admin rights on the machine where validation is done faking the schema validation, but one step you can and should take is to prevent the originator of the XML file from faking it.
If you are doing validation because you don't trust the file to be valid, then don't use the xsi:schemaLocation mechanism to locate the schema. Use a validation API that supplies the schema location from the receiving application, rather than getting it from the instance document.
If you want to be really careful, ensure that validation is done by sending the document to a secure server to be validated, and having your secure server return a copy of the document with a digital signature confirming its validity.
来源:https://stackoverflow.com/questions/51369279/c-sharp-validating-xml-file-against-local-xsd-security-issues