Solved

complie/hide  csh script

Posted on 2001-07-26
3
244 Views
Last Modified: 2013-12-27

I have a csh script that I do not want users to view/read permission on it. Is there any way I can make a binnary  a binary file of it or encrypt/black-box like it..

0
Comment
Question by:raza
  • 2
3 Comments
 
LVL 5

Expert Comment

by:paulqna
ID: 6326068
Of course chmod 700 gives only the owner and root permission to read/write/execute the file, but if this is not what you're looking for you can encrypt the file using the crypt command or install pgp.

http://pgpdist.mit.edu/distserver/PGPcertsrv_2.5.8_Sol_FW.tar.gz
0
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 50 total points
ID: 6326926
I'm guessing you've embedded passwords in your script or some such.

Instead try putting the passwords in a data file and making the script setgid to a group that is used for nothing but controling access to that file.

The ony way to make a CSH script itself non-readible is if you do something similar with a suid/sgid wrapper that executes the actual CSH script, so it's no easier.

As for compiling the script, I'm not aware of any CSH compilers.

I have seen some SH and KSH compilers, and there's a feature in KSH for dumping/restoring the parse tree, which gives similar effect.  But nothing for CSH.

But meanwhile, this doesn't really help anyway since the determined attacker would just get a dis-assembler and de-compiler and figure out what's going on anyway.  And if you only want that level of protection, you can obscure the sensitive data within your existing CSH script.  Something like like store it XOR'd and then XOR it back to the original right before using it.  This won't stop someone from analyzing the code and figuring out what's going on, but at least the strings won't directly appear in the script.
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 6579036
Umm, I hate to sound ungrateful, but why did you give this answer a 'C' grade?  It's extremely complete and well thought out.  The fact that it doesn't solve your (narrowly defined) problem indicates that your problem may be insolveable.  Don't feel too bad, though, the record companies are still learning this lesson about bits being inherently copyable too.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now