Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Securing a UNIX Perl script 1

Status
Not open for further replies.

duncdude

Programmer
Jul 28, 2003
1,979
GB
Can anyone tell me if it is possible to secure a script so that anyone trying to open it will simply see jibberish - i.e. would it be possible to wrap a script up using something like Platypus

I would like to do this with a CGI script in particular

Many thanks
Duncan
 
perlfilter does what you want, not easily though.

Documentation on my system is at file://C:\Perl\html\lib\Pod\perlfilter.html

Mike

You cannot really appreciate Dilbert unless you've read it in the
original Klingon.

Want great answers to your Tek-Tips questions? Have a look at faq219-2884

 
If it's a CGI script then no-one client side can see it anyway.
The whole point of CGI is that it generates output that the client browser sees. It never gets access to the CGI source.


Trojan.

 
That's fantastic! Thank you Mike - I'll give it a go & let u know how I got on

Cheers
Duncan


Kind Regards
Duncan
 
Thanks for your comments Trojan - unfortunately I have no option but to put the script on their server

Duncan


Kind Regards
Duncan
 
I have written a script that can edit QuarkXpress EPS files via a web form. It lcocates pointers within the file and alters the EPS. It then - using Ghostscript and Image::Magick - produces a proof for the client to see. Unfortunately it is now possible for them to make as many templates as they like - and utilise my script, I can't have that!!!

Regards
Duncan


Kind Regards
Duncan
 
Then either you should restrict it to a webserver under your control only, or migrate it to a different language.
It is possible to "encrypt" (and I use the term in it's loosest sense!) the source but it's usually trivial to unencrypt it.
Binaries are the obvious way forward or better still, use your own server.

Trojan.
 
I've had some very good results with Perl2Exe.

Mike

You cannot really appreciate Dilbert unless you've read it in the
original Klingon.

Want great answers to your Tek-Tips questions? Have a look at faq219-2884

 
maybe I can give the script to someone with a PC and they can Perl2Exe it for me!?


Kind Regards
Duncan
 
That would not be legal.

Mike

You cannot really appreciate Dilbert unless you've read it in the
original Klingon.

Want great answers to your Tek-Tips questions? Have a look at faq219-2884

 
And futile, for if you use perl2exe to make a Windows x86 binary, it won't be useful on any other kind of system.

Better to use a simple code filter and obfuscate your code (keep the good people clean), or get more honest clients that won't try and rip you off.

________________________________________
Andrew
 
You can use the PAR tool to do this.
Follow this link

This would allow you to create the executables for deployment. Alternatively you may use the Activestates IDE and it would create the executables.

To Obfuscate the code you can also use filters once you install PAR. This would render the code to become scrambled while maintaining the functionality.

pp -F Bleach will obfuscate all the code that you may have.

HTH
 
PAR will make an executable, but won't compile the perl code in any fashion. It just packages it up into a .zip style package.

You can use a nice obfuscating filter, but you have to undo them to run the code, so you don't gain much for someone who really wants a look (though Acme::Bleach is kind of fun). There's probably something out there like the javascript obfuscating filters that rename all your variables and remove all unneccessary whitespace. The code still works, even looks like code, but not simple, maintainable code.

________________________________________
Andrew
 
Yes PAR would not compile the code. The compile may be performed using perlcc if that is needed. If you do a pp -c it will perform a dependency check. If this package is needed to be deployed we can then package it using PAR.

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top