LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-13-2007, 11:49 PM   #1
majid_f
LQ Newbie
 
Registered: Jun 2007
Location: Karaj, Iran
Posts: 3

Rep: Reputation: 0
Preventing disc copy


Help Little Bill Blue Hill. Will you, ... please?
Bill has writen a cool php+mysql app called ass_saver. He has humbly placed a 5 figure price tag on it - 'all cool things in life, have a five figure price tag on them'. Ass_saver is intended to work on a LAN
This is what he plans to do to save HIS ass so to speak:
1. On each client's server he installs Linux, then Apache, then MySQL, then php, and finally ass_saver.
Note: He does not give anyone any source code or installer or anything - he just plain installs everything himself.
2. He chooses the most restrictive file/directory/database access permissions so that nothing is accessible from the console. ass_saver can only be accessed as served dynamic html pages requested from the machines on the LAN.
Question 1: How do you acheive this much restriction? chmod what? root?
3. After he is done he turns the server to the client and leaves with his check. But that same night he has a nightmare. In his nightmare he sees the client is not using ass_saver, but abusing Bills ass. How? They have taken the hard disk out of the server's case and have made it slave to the primary on a w*dos machine and are diskcopying it to other hard disks. Within a few days they make hundreds of duplicates. and start selling them at one-tenth of Bills price.
Question 2: Could that happen outside the fuzzy world of dreams?
4. Latter in his dream Bill is sitting in his office looking at his goldfish when his cell phone rings. It's the customer. He proposes a deal:
'As you know, we cannot change the company name and logo, but at one-tenth of your price we can find hundreds of clients who will be willing to buy ass_saver even with our company name and logo on them. And for your information our chief programmer has written a cool Grease Monkey script to replace the name and logo without any effort from the client'
'So, go and do that bastard. Why have you called me then?'
'Because sooner or latter one of our clients will be as smart as our self and make duplicates and sell them for three figure sums, ... or worse, ... you might go mad and publish the source and give birth to what might be called open source movement.'
'And how is all that going to change?'
'We can change the source so that the duplicates do not work.'
'How?'
Question 3-5: [3]Which options below work and which don't? - [4]Why? - [5]How?
Option 1 - Use serial number of the hard disk
Option 2 - Use a hardware lock connected to the server's serial or parallel port
Option 3 - Use the NIC address of the network card present on the server

----------------------------------------
I (Bill's agent), thank you for any suggestions.
 
Old 06-14-2007, 02:26 AM   #2
p_s_shah
Member
 
Registered: Mar 2005
Location: India
Distribution: RHEL 3/4, Solaris 8/9/10, Fedora 4/8, Redhat Linux 9
Posts: 237
Blog Entries: 1

Rep: Reputation: 34
For Securing Application:
1. Encrypt/Encode the php code of ass_saver with ioncube [Php encoder] like applications.
2. Generate Serial key based on any uniq parameter like MAC adderess.
3. Add some checks for serial key in Encrypted/Encoded code.

If ass_saver is an online application, then add code for checking authenticity from Centralized database on Bill's online server.

Last edited by p_s_shah; 06-14-2007 at 02:27 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Disc Copy ravi Linux - General 3 05-23-2007 05:55 PM
slack 10 hard disc copy and config rhythmking Slackware 4 11-21-2006 08:13 AM
copy hard disc data, with permissions tidasu Linux - Newbie 3 08-29-2004 08:30 PM
Disc clone/copy szak Linux - Newbie 1 01-21-2002 07:40 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:23 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration