We help IT Professionals succeed at work.

how to prevent any "break in" when a process is running?

netskywalker
netskywalker asked
on
Hi!
  What I am going to do is writing a applcation. this applcation will do some file operation such like create
some new files, read from or write to these files and close them and then delete them. I wish I can finish whole task without any interference. that's means I don't want anyone can stop or view it before it finish it. for example someone maybe can stop the process by keyborad and view my files content. Or maybe he can go to another console to view those files. is there any way can guaranty this won't be happened?  
Comment
Watch Question

CERTIFIED EXPERT

Commented:
int fid = open( "your-file", O_WRONLY|O_CREAT );
errno = 0;
if (unlink ("your-file") exit( errno );
/* no noone can see the file in the filesystem, just your process haqs a file handle to it */

/* when you finished processing the file, use the file handle to read it into a buffer and write it to a new file */

Author

Commented:
 let me make it more clear here. I think I have to expose what is my final goal here now. actually I just want use this application to prevent exposing some kind driver source code to end user.
but for compatibilty sake I still have to give the user source code to compile with kernel.
 so what I am going to do is writing a small application and
use this application to launch a decyption tool to decrypt our encrypted source code into user's hard disk and launch our "Makefile" compile script to compile it to get the final binary driver file.
then I can force system to delete all the Makefile and source code vestigage inside the user's hard drive.
so what I am worring about is just the user could "break in" or pause the compile produre to view our source file content. If you know how to avoid this happen can you sent it to my e-mail account? I still can give the point over here.
my e-mail is hchang23@earthlink.net
thanks!
 

Commented:
One way around the unlink() strategy is for the spy to access the file via /proc/PID/fd/ .

I have a feeling that anything we could come up with would have a hole in it somewhere.  For example, what if someone writes his own program called "gcc" that just copies its input somewhere?


Here's another idea toward the same goal, though:  Just ship obfuscated source code.  Remove comments, expand macros, and replace every symbol name with something like Sym642.  That's only a little more expositive of the program than object code, and you can still compile it against specific interface header files or for a specific target machine type.


The problem with sending answers privately is that others don't know not to waste their time if the same or better answer has already been given.
CERTIFIED EXPERT

Commented:
.. there are a couple of ways to grab the source (-: you cannot prevent it at all )-:
You just can make it more harder, so that scriptkiddies will fail.
CERTIFIED EXPERT

Commented:
I, agree in "wasting time" for answers sending privately.

We all (which have commented so far) agree that it is not easy to hide the source completetly, with appropriate experiance you'll grab it somehow. Dot.
Anyway, I made a suggestion by email which also notes about this problem. I also suggested to use an "obfuscated" source, netskywalker is testing.

I'll promise I post the suggestion if it works.

Author

Commented:
to ahoffmann and all:
  I think I can go back here to discuss my question again.
this moment I am trying to find some helpful obfuscator for C source code. use the search engine I found some and still test on it. ahoffmann is the 1st one tell me find it. but until now I still didn't found a better one (to make the souce obfuscated enough)and reliable enough yet. if you knows any one is good plz let me know.

Author

Commented:
As I know there is a H/w manufacturer call Nvidia. they seems release some part of driver source in the obfuscated form. just don't know what kind obfuscator they are using.
CERTIFIED EXPERT
Commented:
well, I'm not obfuscated, but out of hints.
Probably try asking people at http://www.ioccc.org/ ;-)

And some from my (probably out-dated) link list:
http://remus.rutgers.edu/~rhoads/Obfuscated_C/obfuscate.html
http://reality.sgi.com/csp/ioccc/

Author

Commented:
As I know there is a H/w manufacturer call Nvidia. they seems release some part of driver source in the obfuscated form. just don't know what kind obfuscator they are using.

Author

Commented:
As I know there is a H/w manufacturer call Nvidia. they seems release some part of driver source in the obfuscated form. just don't know what kind obfuscator they are using.

Author

Commented:
the last choice I choose is cobfusc from debian.
but it is very cost time to build a obfuscateion table to decide
which indentifier should be obfuscated. I spend 2 weeks and I did it.

Author

Commented:
forgot to close this question session. sorry!

Explore More ContentExplore courses, solutions, and other research materials related to this topic.