netskywalker

how to prevent any "break in" when a process is running?

Hi!
  What I am going to do is write an application. This application will do some file operations, such as creating some new files, reading from or writing to these files, closing them, and then deleting them. I wish to finish the whole task without any interference. That means I don't want anyone to be able to stop or view it before it finishes. For example, someone may be able to stop the process from the keyboard and view my files' content. Or maybe he can go to another console to view those files. Is there any way to guarantee this won't happen?
ahoffmann

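#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>

/* O_RDWR so the same handle can be read back later; 0600 keeps the file owner-only */
int fid = open( "your-file", O_RDWR|O_CREAT, 0600 );
if (fid < 0) exit( errno );
errno = 0;
if (unlink( "your-file" )) exit( errno );
/* now no one can see the file in the filesystem, just your process has a file handle to it */
/* when you have finished processing the file, use the file handle to read it into a buffer and write it to a new file */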
netskywalker

ASKER

Let me make it more clear here. I think I have to expose what my final goal is here now. Actually, I just want to use this application to prevent exposing some kind of driver source code to the end user. But for compatibility's sake I still have to give the user source code to compile with the kernel.
So what I am going to do is write a small application and use this application to launch a decryption tool to decrypt our encrypted source code onto the user's hard disk and launch our "Makefile" compile script to compile it to get the final binary driver file. Then I can force the system to delete all the Makefile and source code vestiges inside the user's hard drive.
So what I am worrying about is just that the user could "break in" or pause the compile procedure to view our source file content. If you know how to avoid this happening, can you send it to my e-mail account? I can still give the points over here.
My e-mail is hchang23@earthlink.net
Thanks!
 
One way around the unlink() strategy is for the spy to access the file via /proc/PID/fd/ .

I have a feeling that anything we could come up with would have a hole in it somewhere.  For example, what if someone writes his own program called "gcc" that just copies its input somewhere?
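
The /proc point above can be checked directly. The following C program is an added example, not part of any post in this thread; the function name, file paths and sample string are constructed for illustration, and it assumes Linux with procfs mounted. It unlinks a file as in the earlier snippet, confirms the name is gone, then reads the data back through /proc/self/fd.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create `path`, unlink it, write `secret` through the open handle, then
 * reach the data again via /proc/self/fd/<fd>. Returns the number of bytes
 * recovered through /proc, or -1 on error. *gone is set to 1 when the
 * original path no longer resolves after unlink(). */
ssize_t read_unlinked_via_proc(const char *path, const char *secret,
                               char *out, size_t outlen, int *gone)
{
    struct stat st;
    char procpath[64];
    ssize_t n = -1;
    int fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;
    if (unlink(path) != 0 || write(fd, secret, strlen(secret)) < 0) {
        close(fd);
        return -1;
    }
    /* The directory entry is gone: a lookup by name fails with ENOENT. */
    *gone = (stat(path, &st) == -1 && errno == ENOENT);
    /* The inode lives on while fd is open, and procfs still exposes it.
     * A sufficiently privileged process (for example root) can do the
     * same with /proc/<PID>/fd/<fd>; "self" stands in for the PID here. */
    snprintf(procpath, sizeof procpath, "/proc/self/fd/%d", fd);
    int fd2 = open(procpath, O_RDONLY);   /* new handle, offset 0 */
    if (fd2 >= 0) {
        n = read(fd2, out, outlen - 1);
        if (n >= 0)
            out[n] = '\0';
        close(fd2);
    }
    close(fd);
    return n;
}

int main(void)
{
    char buf[64];
    int gone = 0;
    ssize_t n = read_unlinked_via_proc("/tmp/unlink-demo.tmp",
                                       "constructed sample", buf, sizeof buf, &gone);
    printf("name gone: %d, bytes via /proc: %zd\n", gone, n);
    return n > 0 ? 0 : 1;
}
```

A result of "name gone: 1" together with a non-zero byte count shows that unlink() removes only the name, not access to the content.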


Here's another idea toward the same goal, though:  Just ship obfuscated source code.  Remove comments, expand macros, and replace every symbol name with something like Sym642.  That's only a little more expositive of the program than object code, and you can still compile it against specific interface header files or for a specific target machine type.


The problem with sending answers privately is that others don't know not to waste their time if the same or better answer has already been given.
.. there are a couple of ways to grab the source (-: you cannot prevent it at all )-:
You can just make it harder, so that script kiddies will fail.
I agree about "wasting time" with answers sent privately.

We all (who have commented so far) agree that it is not easy to hide the source completely; with appropriate experience you'll grab it somehow. Dot.
Anyway, I made a suggestion by email which also notes this problem. I also suggested using an "obfuscated" source; netskywalker is testing.

I promise I'll post the suggestion if it works.
To ahoffmann and all:
  I think I can come back here to discuss my question again.
At this moment I am trying to find some helpful obfuscator for C source code. Using the search engine I found some and am still testing them. ahoffmann was the first one to tell me to look for one. But until now I still haven't found one that is good enough (to make the source obfuscated enough) and reliable enough yet. If you know of a good one, please let me know.
As far as I know there is a hardware manufacturer called Nvidia. They seem to release some part of their driver source in obfuscated form. I just don't know what kind of obfuscator they are using.
ASKER CERTIFIED SOLUTION
ahoffmann
The last choice I chose is cobfusc from Debian.
But it takes a lot of time to build an obfuscation table to decide
which identifiers should be obfuscated. I spent 2 weeks and I did it.
Forgot to close this question session. Sorry!