@JonB thanks

Hi and welcome to devnet,

That's a bit too vast of a topic to have a simpler answer.

What element of Cyber Security do you have in mind ?
At what level ?
Cyber Security starts from giving people access to certain hardware / applications to the boot process of your machines/devices, the kernel/OS they are running, the applications you are using on them, the libraries that composes these applications, the devices you plug in the machines, etc.

See https://bugreports.qt.io/browse/QTBUG-86095 for further informations

@addr3ss No, it's not. Resources are compiled into the executable and can be easily extracted from there. What kine of information is it?

@SGaist Thanks a lot, I'll post my question there.

@romsharkov
Hi there,

Do I understand correctly that you have managed to run a QQmlProcess in a separate process?

I am asking it because I have came across pretty much the same problem:
https://github.com/sailfish-sdk/sdk-harbour-rpmvalidator/pull/79#issuecomment-307348648

If you could tell me some words of you implementation details that would be awesome!
Thanks in advance!

@ganeshkbhat Allowing to load and run 3rd C++ inside your main applications's process is very dangerous and we have not found any easy way to sandbox C++ so far, only just have a few ideas worth trying. I've described this issue here in a little more detail.

I have now found this thread posted 2 years ago which seems very similar to what I was looking for. The solution was to create a new QML component which create a new QML engine instance and isolates the untrusted QML code inside it.

That does isolate the execution context, it does't however monitor the network traffic generated by the component. In my case network communication must be restricted to a certain set of domains, so I need to intercept network going in and out of the component, any idea how?

Hi and welcome to devnet,

You should write a MockBackend object that will behave just like your normal backend. There you can set that default username/password.

Hope it helps

@coquetangler
Hi, this forum is community driven so it's probably something that none of the users here could answer. In any case, you can follow the progress of the fix on the bug report and gerrit patch (see last post on the bug)