There is NO technical way to protect a perl script. PAR and friends can be unpacked (see Uncool Use Of Perl: perl2exe. decompile quick steps), obfuscation can be removed (perl -MO=Deparse obfu.pl), and even the most advanced encryption algorithm is useless because you have to provide both the decryption algorithm and the decryption key to run the script. Break before the parser starts reading the decrypted code, print the code, done.
Really?
One way which comes to mind is to split the script into two parts, one of which runs on a trusted system where you get to define "trusted". The source on the untrusted portion may as well be regarded as open to view. The trusted portion of the source should be well hidden and perform a service sufficiently complicated that an attacker finds it cheaper to play by your rules than to write or pay for a re-implementation.
Paul
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|