[CALUG] What would YOU do?

Rajiv Gunja opn.src.rocks at gmail.com
Sat Mar 11 15:54:59 CST 2006 

All,
Even though I love Open Source and would love everyone to share their work,
I will have to go with Jason on this one. Yes open source is all fun and
gay, but there comes a time, when you are developing a product or a solution
which might need a little hide and seek.

I do not know how you will be able to use crypt to achieve your goal. There
is an Open Source solution for this. I had to use it almost a year ago, in
my office, to encrypt an expect script, so that my users or level 1 admins
will not be able to get to my passwords on certain machines.

"shc", basically creates a C binary out of your shell script. Yes, I do know
that is very simple to do the same from our side, but why bother when we
have a tool for it. (not to mention my C programing skills are a little
rusty).

Jason, I do not know if this will help, but do look into it.

http://www.linuxsecurity.com/content/view/117920/49/

Just in case, I am including the pdf of that page.

-GGR

---
Rajiv G Gunja
System Analyst / Engg
SUN / AIX / HPUX / Linux Admin
IM: AOL / Yahoo / MSN : ggvrsn


On 3/10/06, Jason C. Miller <jason.c.miller at gmail.com> wrote:
>
> With all due respect, I can tell that you probably don't operate under
> the same business models that we (my company and I) do.  In our
> business, it's about value-added software and often the need to deploy
> rapidly prototyped applications that are well in the infancy of their
> life cycles.  Anyone who's ever gone head-to-head with another company
> to win a contract based solely on your ability to out-innovate your
> competition (and quickly) would understand that.
>
> Allowing access to our software by these competitors with blatantly open
> scripts is unacceptable, at best.
>
> I'm really going to try to avoid going into the ages-old rhetoric of
> open and closed source software.  This is also hardly a contractual
> issue.  I would love to see someone tell Microsoft...."Sure....beat
> everyone to market with your innovations and make sure that you have a
> great EULA to blanket your yet-to-be-secured source because that will
> DEFINATELY keep any drooling competitors from being influenced by your
> problem solving and coding methods".
>
> I'm just a grunt engineer.  I hate dealing with money and I hate dealing
> with managment and contractual issues even more.  I simply wanted to ask
> some seasoned geeks how they would go about protecting the privacy of
> their work until their projects became a little more mature and secure.
> I most certainly am not advocating closed source software or even the
> proprietarization (is that a real word??) of any open source software.
>
> I mean, things like iptables/ipchains is open source, yet there are
> probably plenty of people out there that wouldn't share their firewall
> rules with ANYBODY because maybe they have a particular way of doing
> things that they think brings value to them.  Same concept!  There's
> also openssh.  You can use that to secure everything but the kitchen
> sink.  Just because you're securing your stuff doesn't mean you're
> wanting to close-source everything.
>
> My question is a technical one...pure and simple.  I've got some stuff
> that I want to keep prying eyes away from.
> When I want good insight from some good professionals on how to get
> things done, I typically come here first (well...after Google).  I
> seriously doubt that telling a lawyer "They stole lines from my
> script!!" is the solution to my problem.
>
> Anyway...for anyone out there who's interested.  I'm currently looking
> at the Solaris 'crypt' utility.   Hopefully that'll bring me down some
> good roads.  :)
>
>
>
> -j
>
> James Ewing Cottrell 3rd wrote:
>
> > Don't confuse Ownership with Visibility. You can still write contracts
> > and restrict usage and distribution even tho the source code is
> > available. Your attempt to hide it only does the following: [1] delays
> > your development time while you work out a solution [2] further delays
> > your development while you debug the mess. [3] delays the finish
> > product  while the finished product runs [4] pisses off your customers
> > and everyone who hears about it because you are assuming that they
> > will steal it if you don't hide it.
> >
> > Given that Linux is Open Source Software, you won't get much support
> > here for what you are trying to do here.
> >
> > We understand that you wish to make money, retain ownership and
> > rights. There is still a way to do that without closing your source.
> > Take the High Road and Find the Middle Ground.
> >
> > JIM
> >
> > Jason C. Miller wrote:
> >
> >> I would like to get some advice from all the smart folks out there.
> >>
> >> I was tasked to create a non-trivial application in an unbelievably
> >> unreasonable amount of time.  So, I basically just made a nice
> >> front-end with a bunch of buttons (using Glade) and simply made
> >> system() calls to external bash scripts for each button.  Not my
> >> favorite way of doing business, but, gotta do what ya gotta do.
> >> Anyhoo, I will be making incremental releases of this software and
> >> will be filling in the gaps as I go along.  One problem is that it is
> >> going to be a while before I have the time to implement all of the
> >> button functions in C/C++.
> >> My question to everyone is this...
> >> For the sake of trying to keep code proprietary in the interim , does
> >> anybody have any ideas as to how one could maintain the scripts in a
> >> way that would make it difficult for someone else to understand the
> >> logic that executes within them?
> >> As an example, I considered writing the scripts in PERL and using
> >> perlcc to compile the scripts into system binaries.  This would allow
> >> me to maintain the scripts for development but deploy them as
> >> binaries for delivery. However, in the past, I haven't been very
> >> pleased with the perl compiler and would be happy to avoid it.
> >>
> >> I don't have a very extensive history in subversive development
> >> practices, so I was hoping that someone out there might have some
> >> ideas.  :)
> >>
> >>                                       -jason
> >>
> >>
> >>
>
>
> --
> ***************************************************
> My blog: http://millersplace.blogspot.com/
> ***************************************************
>
> _______________________________________________
> Columbia, Maryland Linux User's Group (CALUG) mailing list
> CALUG Website: http://www.calug.com
> Email postings to: lug at calug.com
> Change your list subscription options:
> http://calug.com/mailman/listinfo/lug
>



--
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://calug.com/pipermail/lug/attachments/20060311/e5fef0ed/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: shc_encrypting_shell_scripts.pdf
Type: application/pdf
Size: 4348 bytes
Desc: not available
Url : http://calug.com/pipermail/lug/attachments/20060311/e5fef0ed/attachment.pdf

More information about the lug mailing list