From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
To: andr0id@midwest.net (Jason Rentz)
Message Hash: 447bc7dc742d7aea19f82dbb5482e1a0bbfaac24d24c291745ccc49800601957
Message ID: <199512241046.VAA06529@sweeney.cs.monash.edu.au>
Reply To: <199512202339.RAA05220@cdale1.midwest.net>
UTC Datetime: 1995-12-24 11:03:42 UTC
Raw Date: Sun, 24 Dec 1995 19:03:42 +0800
From: Jiri Baum <jirib@sweeney.cs.monash.edu.au>
Date: Sun, 24 Dec 1995 19:03:42 +0800
To: andr0id@midwest.net (Jason Rentz)
Subject: Re: ex encrypted script
In-Reply-To: <199512202339.RAA05220@cdale1.midwest.net>
Message-ID: <199512241046.VAA06529@sweeney.cs.monash.edu.au>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
Hello andr0id@midwest.net (Jason Rentz)
and Cypherpunks
Dr0id wrote:
> I have several simple scripts that are simple yet handle important realtime
> call proccessing tasks and remote control operations. These programs are my
> programs but are running on a system that is dialed into by the vendor once
> in a while.
The problem will be that a superuser can do just about anything...
> Is there a way to encrypt a script yet still allow it to be runnable? I
...
Well, what's wrong with
pgp -f | /bin/sh
? Obviously, it still decrypts before use, and may or may not be
useful depending on your application, but it never has a file with
the unencrypted script around.
> I thought of a few simple protections but they all involve decrypting before
> running.
It depends on what you want to prevent: copying the scripts, running
them, understanding them, or what?
To prevent copying/running them, you can use the above script, but
you'll have to type in the passphrase each time (checking that noone
is watching you, which is impossible with a determined su).
If you just want them to not understand, obfuscation should suffice.
(But reverse-engineering can still be applied.)
(On the "supply useless source" subthread, it is possible to define
the term "source code" so as to disallow such obfuscation. See the
GNU GPL ("copyleft") licence for an example.)
Adiau
Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
iQCVAwUBMN0vfyxV6mvvBgf5AQGHkwP9EXLywkYYY6yNEAD3psLr/mbd7ACDe9hF
NxDdu1LRQqtTmRx2GaozIEg2QWBaADEZ3TP7WyQyN9g81mC5bPk6Ys7imCvSDYW5
U1qg6MuE/biLlKuScE0AlpPeeKmqwSdG8bo8IsnMyyBnaeN1mBvfXVbwXzkpgJ7O
3IwGHbmB/wg=
=+g0v
-----END PGP SIGNATURE-----
Return to December 1995
Return to “Tom Zerucha <root@deimos.toad.com>”