
Future Work

This section describes topics we have started on or would like to tackle in the future to make Tauri apps even more secure. If you are interested in these topics or have pre-existing knowledge, we are always happy to welcome new contributors and advice via GitHub or other community platforms like Discord.

Binary Analysis

To allow pentesters, auditors and automated security checks to do their job properly, it is very valuable to provide insight even from compiled binaries. Not all companies are open source or provide source code for audits, red teams and other security testing.

Another often overlooked point is that providing inbuilt metadata empowers users of your application to audit their systems for known vulnerabilities at scale, without dedicating their lifetime and efforts to it.

If your threat model depends on security by obscurity, this section provides some tools and points which will hopefully make you reconsider.

For Rust there is cargo-auditable to create SBOMs and provide exact crate versions and dependencies of a binary without breaking reproducible builds.
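As an added example (not Tauri's or cargo-auditable's own code) of what embedded dependency metadata lets an auditor do offline: decode a cargo-auditable-style package list and match it against an advisory table, reporting which direct dependency pulls in an affected crate. The section format and field names are assumed from auditable-serde; the sample section bytes, crate versions and advisory id are constructed for this example.

```python
import json
import zlib
from typing import Dict, List, Optional, Tuple

# Constructed sample of the package list cargo-auditable embeds in a binary
# (zlib-compressed JSON in a ".dep-v0" section). The field layout follows
# auditable-serde as assumed here; crate names, versions and advisory id are made up.
SAMPLE_PACKAGES = {"packages": [
    {"name": "my-tauri-app", "version": "0.1.0", "source": "local",
     "dependencies": [1], "root": True},
    {"name": "tauri", "version": "2.3.0", "source": "crates.io", "dependencies": [2]},
    {"name": "example-util", "version": "1.4.2", "source": "crates.io"},
]}
SAMPLE_SECTION = zlib.compress(json.dumps(SAMPLE_PACKAGES).encode())

# Constructed advisory table: crate name -> [(affected version, advisory id)].
KNOWN_VULNERABLE: Dict[str, List[Tuple[str, str]]] = {
    "example-util": [("1.4.2", "EXAMPLE-ADVISORY-0001")],
}

def decode_dep_section(section: bytes) -> List[dict]:
    """Decompress and parse the embedded package list."""
    return json.loads(zlib.decompress(section))["packages"]

def dependency_path(packages: List[dict], target: int) -> Optional[List[str]]:
    """BFS from the root crate(s) to index `target`; returns crate names along the path."""
    roots = [i for i, p in enumerate(packages) if p.get("root")]
    queue = [(r, [packages[r]["name"]]) for r in roots]
    seen = set(roots)
    while queue:
        idx, path = queue.pop(0)
        if idx == target:
            return path
        for child in packages[idx].get("dependencies", []):
            if child not in seen:
                seen.add(child)
                queue.append((child, path + [packages[child]["name"]]))
    return None

def audit_section(section: bytes, advisories=KNOWN_VULNERABLE) -> List[dict]:
    """Match every embedded crate against the advisory table, with the pulling-in path."""
    packages = decode_dep_section(section)
    findings = []
    for idx, pkg in enumerate(packages):
        for affected, advisory in advisories.get(pkg["name"], []):
            if pkg["version"] == affected:
                findings.append({"crate": pkg["name"], "version": affected,
                                 "advisory": advisory, "path": dependency_path(packages, idx)})
    return findings
```

On a real binary the section bytes would come from an ELF/PE/Mach-O section reader and the advisory table from an advisory database; the matching logic stays the same.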

For the frontend stack we are not aware of similar solutions, so extracting the frontend assets from the binary should be a straightforward process. Afterwards it should be possible to use tooling like npm audit or similar. There are already blog posts about the process, but no simple tooling is available.

We are planning to provide such tooling or make it easier to extract assets when compiling a Tauri app with certain features.

To use pentesting tools like Burpsuite, Zap or Caido it is necessary to intercept traffic from the webview and pass it through the testing proxy. Currently Tauri has no inbuilt method to do so, but there is ongoing work to ease this process.

All of these tools allow Tauri applications to be properly tested and inspected without source code access, and they should be considered when building a Tauri application.

We are planning to further support and implement related features in the future.

WebView Hardening

In Tauri's current threat model and boundaries we are not able to add more security constraints to the WebView itself, and since it is the biggest part of our stack written in a memory-unsafe language, we are planning to research and consider ways to further sandbox and isolate the webview processes.

Inbuilt and external sandboxing methods will be evaluated to reduce attack impact and to enforce the IPC bridge for system access. We believe that this part of our stack is the weak link, but current-generation WebViews are improving in their hardening and exploit resilience.

Fuzzing

To make fuzzing Tauri applications more efficient and simpler, we aim to further implement our mock runtimes and other tooling to make it easier to configure and build fuzzing for individual Tauri applications.

Tauri supports a multitude of operating systems and CPU architectures, and apps usually contain little or no potentially memory-unsafe code. No pre-existing fuzzing tooling and libraries support this uncommon fuzzing use case, so we need to implement it and support existing libraries like libAFL to build Tauri fuzzing frameworks.

The goal is to make fuzzing accessible and efficient for Tauri application developers.


Tauri v2.3 Chinese site (Tauri v2.3 中文网) - 粤ICP备13048890号
A site of Nodejs.cn