-----BEGIN PGP SIGNED MESSAGE----- Hello andr0id@midwest.net (Jason Rentz) and Cypherpunks Dr0id wrote:
I have several simple scripts that are simple yet handle important realtime call proccessing tasks and remote control operations. These programs are my programs but are running on a system that is dialed into by the vendor once in a while.
The problem will be that a superuser can do just about anything...
Is there a way to encrypt a script yet still allow it to be runnable? I ...
Well, what's wrong with pgp -f | /bin/sh ? Obviously, it still decrypts before use, and may or may not be useful depending on your application, but it never has a file with the unencrypted script around.
I thought of a few simple protections but they all involve decrypting before running.
It depends on what you want to prevent: copying the scripts, running them, understanding them, or what? To prevent copying/running them, you can use the above script, but you'll have to type in the passphrase each time (checking that noone is watching you, which is impossible with a determined su). If you just want them to not understand, obfuscation should suffice. (But reverse-engineering can still be applied.) (On the "supply useless source" subthread, it is possible to define the term "source code" so as to disallow such obfuscation. See the GNU GPL ("copyleft") licence for an example.) Adiau Jiri - -- If you want an answer, please mail to <jirib@cs.monash.edu.au>. On sweeney, I may delete without reading! PGP 463A14D5 (but it's at home so it'll take a day or two) PGP EF0607F9 (but it's at uni so don't rely on it too much) -----BEGIN PGP SIGNATURE----- Version: 2.6.2i iQCVAwUBMN0vfyxV6mvvBgf5AQGHkwP9EXLywkYYY6yNEAD3psLr/mbd7ACDe9hF NxDdu1LRQqtTmRx2GaozIEg2QWBaADEZ3TP7WyQyN9g81mC5bPk6Ys7imCvSDYW5 U1qg6MuE/biLlKuScE0AlpPeeKmqwSdG8bo8IsnMyyBnaeN1mBvfXVbwXzkpgJ7O 3IwGHbmB/wg= =+g0v -----END PGP SIGNATURE-----