On Wednesday, 01/09/2008 at 01:25 EST, David Boyes <[EMAIL PROTECTED]>
wrote:
> > Thanks for the idea - but I cannot recall such a program. If
> > anyone else responds, I will pursue that. In the mean time
>
> I remember it. That's essentially what LIB does; tokenize the exec,
> transfer it into the user's virtual machine over the IUCV connection
> between the LIB server and client, and then jump into the REXX
> interpreter with a pointer set to the preparsed exec.
>
> I'll scrounge around; I probably still have it somewhere, although I'm
> pretty certain the CMS mod will not fit a modern CMS, and it'll take
> some digging to figure out how to enable it, as that was never a
> documented interface AFAIK.
I hate to be a wet blanket, but if said program actually uses IBM source
code, leave it at the bottom of Davy Jones' locker. IBM source code can
be used only to fix something that is broken or to create mods. While you
might argue such a "pre-parser" is a local mod, no such argument can be
made for distribution.
Given that CMS has an "alternate exec processor" capability, and the
ability to execute a REXX exec directly out of memory, it isn't too
terribly difficult to disguise an exec.
1. Write a "compiler" that
a. obfuscates an exec in a reversible way
- Exclusive OR
- Simple substitution cipher (TRANSLATE)
(XEDIT's SET OUTPUT is handy for those in-the-know to read it)
- Encryption (CIPHER MESSAGE)
b. prepends an alternate exec processor header on it
c. writes it to disk with filetype EXEC
2. Write said alternate exec processor that
a. reverses the obfuscation, leaving the result in memory
b. invokes the in-memory exec (hint: use the FBLOCK on the EPLIST)
See the CMS Application Development Guide for information on alternate
exec processors.
The exec that is processed could just be a stub, resulting in the real
program being fetched from a central server or another disk. Maybe that's
what LIB does?
Back in the days when CPUs were really slow, worrying about parsed vs.
pre-parsed was vaguely interesting. Now, not so much. If it's that big
of an issue, buy a REXX compiler. But don't tie obfuscation to
performance. Different solutions to different problems.
Alan Altmark
z/VM Development
IBM Endicott
