Re: [ANN] Protect you Unix Shell Scripts!

From: Roger Leigh (${roger}_at_invalid.whinlatter.uklinux.net.invalid)
Date: 10/28/03

  • Next message: Séb: "ftp problems" 
    Date: Tue, 28 Oct 2003 22:17:35 +0000

    nntp@bungisoft.com (Bungisoft, Inc.) writes:

    > Shell scripts are very powerful tools for UNIX development. Due to the
    > fact that they are interpreted, they are easy to develop, inspect,
    > debug and document. But this convenience comes at high price - the
    > threat of intellectual property theft.

    Hmmm.

    > Shell Protector(tm) itself is not a compiler such as cc. It rather
    > encodes and encrypts a shell script, together with the appropriate
    > shell. The final result is a stripped binary which behaves exactly
    > like the original script. Upon execution, the compiled binary will
    > decrypt and execute the code using the encoded shell.
    >
    > The following is the most prominent features of the Shell
    > Protector(tm):
    >
    > * Protects sources
    >
    > * Allows SUID and SGID scripts

    So it's no longer OS/hardware-independent, right? That's the number
    one advantage of a script gone right out of the window.

    > * Makes sure that script runs under correct shell
    >
    > Shell versions may differ wildly from system to system. By
    > packaging shell interpreter together with the executable Shell
    > Protector(tm) provides extra level of platform independency for your
    > scripts.

    That seems like a complete contradiction. If you "include" the shell
    interpreter, it's no longer platform-independent. I have a strong
    suspicion that my Linux/i386 machine won't run IRIX/MIPS sh, or
    Solaris/SPARC sh.

    Most people write platform-independent shell scripts by writing to the
    POSIX sh standard. All modern platforms have a POSIX sh. Most modern
    platforms have Perl as standard, or as an optional extra.

    > With these and other exciting features Bungisoft Shell Protector(tm)
    > is a sure winner for your next project!

    It looks like a complete waste of time. Shell scripts have their
    place, and if I (for whatever reason) didn't want the source to be
    seen, or to allow setuid/setgid use, I'd use a proper compiled
    language, like C or C++. If you need setuid/setgid use, it takes all
    of five minutes to write a portable, platform-independent, C wrapper.

    Lastly, you can do this without "Shell Protector(tm)", since we already
    have a Free shell script compiler/obfuscator which has long been
    popular. It's called GNU m4.

    [GNU m4 2.0 is due to be released soon.]

    BTW, please don't post junk advertising on USENET. 

    -- 
Roger Leigh
                Printing on GNU/Linux?  http://gimp-print.sourceforge.net/
                GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.
  • Next message: Séb: "ftp problems"