How to hide or unexpose source codes.
 

Hi,

How do one prevent their source code (say a PERL program), from being exposed ?

THanks :)

Use a compiled language (C, C++, Java, etc.) PERL is interpreted at startup, therefor readable by anyone able to run the program. There are PERL compilers available. I don't use them so I can't comment on their abilities.

This will set it as -rwx--x--x which means the owner can read and write it, but everyone else can only execute it.

Execute bit only will not work for PERL scripts. You need to be able to read them too. PERL scripts are interpreted at startup. Unlike a compiled program that can be run with only the execute bit.

Same thing for a shell script. Execute permission alone is not good enough.

Ok Thanks, i try both, + a compiler.

http://www.cit.gu.edu.au/~anthony/in...adable.scripts

Try this if you want to still be able to edit the script in place (without tricks).

http://www.linuxsecurity.com/content/view/117920/

This is a cool little program as well but I believe it only works with shell scripts and not perl. It create a C program which is the same as your shell script, and encrypts it as well. You can then make it unreadable or not (the user won't be able to decipher it either way).

EDIT: Please see next message for a howto (as linux disallows setgid shell scripts). This behavior is not constant across all Unix and Unix-like operating systems... which is why I was sure the first version worked -- it just doesn't work on Linux, or BSD for that matter but that's another story of me being boneheaded.

Okay, we have a shell, perl, or any other script which can be directly executed /usr/local/noreading/foobar for this example which we don't want our users to be able to read.

First add a group for it, add a line like what follows to /etc/group:
Note, the number 23005 can be any number you want as long as it is not already in use. The same with the group name.

Then create a C program, which will do nothing but call our script.
Then compile the script:
Be sure to switch the runfoobar parts with the name of your file and intended program name.

Move the program to where you want. Then type:
Remember to change all the names and values for what is actually on your system. I placed the example file in a directory which isn't on the default path. So you could have the same name for both the shell script and the binary program which calls it. Just make sure you type in the complete path.

This does not currently pass any arguments. You can add arguments by editing the execl(...) line to something like:
This will pass all the arguments to the script. Note, if your script does not need or expect arguments... use the first method.

:scratch:

Thanks, so much for your sharing of information.....

Although i dont know anything abt C, but i will try to follow ur advise as much as possible.

:p

Follow the steps as best you can (you only need to change the path in the C program to point to the actual script). If you need help, or have a problem, just ask.

It is one of the easiest ways. Once you have the wrapper program in place (the compiled C code), you can edit the script all you want.

Edit: And since you don't know anything about C, this is by far the easiest way to make the scripts unreadable. Much easier than actually porting them to C or another compiled language. You don't need to know C at all here, just drop the full path to the script in the above code and compile it with the command given.