Re: ex encrypted script
At 10:57 PM 12/21/95 -0500, Beavis B. Thoopit wrote:
| Is there a way to encrypt a script yet still allow it to be runnable? I | know that the simple answer is to write it in C and compile it but I don't | have the means of doing that at the moment. (i.e. there is not compiler on | the system) | | I thought of a few simple protections but they all involve decrypting before | running.
Ever hear of chmod? chown? Adam
The vendor also has superuser access.. chmod chown won't protect it.. :(
I once had to obfuscate an awk script. "Cryptography is Economics." My job was to make it difficult for the enemy to steal the source. There was a license agreement...
The simple answer of "no" is right in the strong sense, but there are tricks to make life difficult for the amateur attacker.
My approach was a self-decrypting program. The "real" script was encrypted within the body of the encasing script. For increased obfuscation, decrypt only small pieces at a time.
There is encrypt and then there is render useless to the reader.
A tale I hear is that when HP had to deliver operating system source to the french government they stripped all comments and changed all variable and subroutine names to 32 byte strings of I 1 0 (zero) and O (uppercase O). It still compiled but was 100% useless to human readers.
There is a commercial product out there from Gimpel Software called _The C Shroud_. It removes all structure from the code, replacing it with gotos, renames all the symbols to axxxxxxx, converts constants and strings to hex, substitutes all #defines and expands all macros, strips all formatting and comments, etc., resulting in a perfectly compilable, but infuriatingly obfuscated set of source files. ------------------------------------------------------------------------- Steven Weller | "The Internet, of course, is more | than just a place to find pictures | of people having sex with dogs." stevenw@best.com | -- Time Magazine, 3 July 1995
participants (1)
-
stevenw@best.com