[ANN] Protect you Unix Shell Scripts! - Linux

This is a discussion on [ANN] Protect you Unix Shell Scripts! - Linux ; Shell scripts are very powerful tools for UNIX development. Due to the fact that they are interpreted, they are easy to develop, inspect, debug and document. But this convenience comes at high price - the threat of intellectual property theft. ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: [ANN] Protect you Unix Shell Scripts!

  1. [ANN] Protect you Unix Shell Scripts!

    Shell scripts are very powerful tools for UNIX development. Due to the
    fact
    that they are interpreted, they are easy to develop, inspect, debug
    and
    document. But this convenience comes at high price - the threat of
    intellectual
    property theft.

    In today's competitive environment, anyone can inspect and change your
    elaborately crafted scripts. It is possible and easy for a competitor
    to mimic
    your work, if not copy outright, without your permission. Furthermore,
    unskilled customers or employees may modify installed scripts creating
    hard-to-find bugs, increasing your support costs. For companies that
    use shell
    scripts in commercial products, these annoying issues are becoming a
    major
    headache.

    To address this problem we have created Shell Protector(tm).

    Get get more information and purchase Shell Protector(tm) please go
    to:
    http://www.bungisoft.com/html/produc...llprotect.html


    Shell Protector's(tm) main purpose is to protect your shell scripts
    from
    modification or inspection. You can use it if you wish to distribute
    your
    scripts but don't want them to be easily readable by other people.

    Shell Protector(tm) itself is not a compiler such as cc. It rather
    encodes and
    encrypts a shell script, together with the appropriate shell. The
    final result
    is a stripped binary which behaves exactly like the original script.
    Upon
    execution, the compiled binary will decrypt and execute the code using
    the
    encoded shell.

    The following is the most prominent features of the Shell
    Protector(tm):

    * Protects sources

    Shell scripts can contain a considerably large amount of know-how
    and
    development time. In order to protect such a valuable resource you
    should
    distribute Shell Protector(tm) produced executables instead of
    sources.

    * Allows SUID and SGID scripts

    Some systems may be configured in such a way as to ignore set user
    id and
    set group id bit when running shell scripts. Such a feature is
    indeed very
    useful at times. Although it may also create problems. To bypass
    this
    feature on per-use bases, some knowledgeable UNIX system
    administrators
    create little C programs, called wrappers, to go around this
    limitation.
    However, wrappers, if not well designed and implemented, can
    expose your
    system to some well known security vulnerabilities. Shell
    Protector(tm) is
    designed to reduce such risk to some degree, it also eliminates
    the need for
    programming know-how by system administrators.
    You can thus think of Shell Protector as the universal shell
    script wrapper.

    * Allows switch user (su) scripts

    This is one of the most interesting features of compiled shell
    scripts:
    The process can optionally gain real user id of executable owner,
    not only
    effective user id. Group set of executable owner is also set. The
    same
    effect can be obtained only by using su (switch user) command.

    * Makes sure that script runs under correct shell

    Shell versions may differ wildly from system to system. By
    packaging shell
    interpreter together with the executable Shell Protector(tm)
    provides
    extra level of platform independency for your scripts.

    * Runs under the most popular Unix/Linux platforms

    * Solaris/SunOS (SPARC)
    * Linux


    With these and other exciting features Bungisoft Shell Protector(tm)
    is a sure winner for your next project!

    Get get more information and purchase Shell Protector(tm) please go
    to:
    http://www.bungisoft.com/html/produc...llprotect.html

  2. Re: [ANN] Protect you Unix Shell Scripts!

    On 27 Oct 2003 20:21:55 -0800, nntp@bungisoft.com (Bungisoft, Inc.)
    wrote:

    >To address this problem we have created Shell Protector(tm).
    >Shell Protector's(tm) main purpose is to protect your shell scripts
    >from
    >modification or inspection. You can use it if you wish to distribute
    >your
    >scripts but don't want them to be easily readable by other people.


    Hey, you can get script protection for free with the "Generic Script
    Compiler". It turns your script into a string, encrypts it with RC4,
    and puts it into a c executable.
    Get it at:
    http://www.datsi.fi.upm.es/~frosal


    Our body's 20 milligrams of beta radioactive Potassium 40
    emit about 340 million neutrinos per day, which go at well-nigh
    lightspeed to the ends of the universe!..even thru the earth.

  3. Re: [ANN] Protect you Unix Shell Scripts!

    Centuries ago, Nostradamus foresaw when Roger Leigh <${roger}@invalid.whinlatter.uklinux.net.invalid> would write:
    > It looks like a complete waste of time. Shell scripts have their
    > place, and if I (for whatever reason) didn't want the source to be
    > seen, or to allow setuid/setgid use, I'd use a proper compiled
    > language, like C or C++. If you need setuid/setgid use, it takes all
    > of five minutes to write a portable, platform-independent, C wrapper.


    ... And based on the script I'll be working on today, they are _way_
    too often implementing Rube Goldberg-like devices where it is somewhat
    amazing that they work at all.

    The scripts I see tend to fall into one of two categories:

    1. Processes that are intended to be portable, and which I'd
    probably rather be part of a free software project so I might
    conceivably evade doing maintenance on it.

    2. Processes that are hideously non-portable, implementing
    things that are pretty much weird that probably only work
    on one host.

    In neither case is obfuscation of much value. In case 1, I wanted to
    share the code. In case 2, the code is useless to anyone outside my
    environment.
    --
    "aa454","@","freenet.carleton.ca"
    http://cbbrowne.com/info/rdbms.html
    I'd give my right arm to be ambidextrous!

  4. Re: [ANN] Protect you Unix Shell Scripts!

    >>>>> "Bungisoft," == Bungisoft, Inc writes:

    Bungisoft,> Shell Protector's(tm) main purpose is to protect your shell scripts
    Bungisoft,> from
    Bungisoft,> modification or inspection. You can use it if you wish to distribute
    Bungisoft,> your
    Bungisoft,> scripts but don't want them to be easily readable by other people.

    Most people who want to hide their source code do so out of
    embarassment.

    :-)

    --
    Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095

    Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
    See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!

+ Reply to Thread