On Tue, Jan 08, 2002 at 07:26:42PM +0000, Stuart wrote:
> Hi All,
>
> I have a few perl files that I need to send out to a client. However, we do
> not want them seeing what are in the files for obvious reason. Is there any
> way that I can hide the info in the files, or should I creat an executable.
---end quoted text---
Hi Stuart,
Are you saying that there is sensitive data enclosed in the file like:
$database='deepthought';
$password='l3tm3In';
Say for use with databases that your company owns?
If there is sensitive data like this, consider using a seperate file to store
the settings in and then encrypting it using a standard Perl module from CPAN,
(http://www.cpan.org/ it's where we share the fruits of our labour ;) something
like DES cyphers should be more than adequate. Or roll-yer-own, I worked
in a S/W house that used rot 13 of all things, something like:
tr/a-nm-zA-NM-Z/m-za-nM-ZA-n/;
should replicate that but I'd not recommend it.
If the Perl code itself is what you want to conceal then consider:
1) Perl is open source, so anything written with it should be too.
Check the legality, I've never written Perl code to resell so
don't know.
2) Having source code viewable to all, means it has to be secure in
better ways. Remember "obscurity is not security". If you compiled
the code people could still strace it and see what you were doing.
3) Owning software is bad mmmkay; better to make it open-source
and let others test/debug/submit patches to make robust code at
the slight cost of not being able to charge for the code, just
the support and development time.
A metric of this is Red-Hat (I don't like RH but it's an example):
when Red-Hat 7.0 was release several thousand bugs were logged by
users, within a fortnight almost all were resolved: compare that
to the rate of bug-fix in Windows. The trick is users were submitting
fixes.
>From your post I assumed the former (hiding sensitive data) was what you wanted
and the latter is redundant, from the replies it seemed people thought you meant
the latter. I'm hoping it's a misunderstanding.
Randal's book "Learning Perl" deals with seperating config data. For
rolling your own cyphers to encrypt stuff, you'll need something like
"Algolrithms in Perl" or to trust CPAN.
All the best.
--
Frank Booth - Consultant
Parasol Solutions Limited.
(www.parasolsolutions.com)
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
