Fletch,
I am not sure how that helps. I think it "fails" for the same reason Storable fails. If the "bad guys" have the ability to see the perl to know it is a storable file in the first place, then they would know how to reverse the process. This is all hand wavy since I don't think we are getting the whole story.
Assuming that the "bad guys" have the ability to read the perl script but not execute it, then I would suggest using AES encryption and storing the key in a file that can be read by the process executing the perl script but not by the "bad guy". Again, very hand wavy.
| [reply] |
He's not looking to keep out bad guys (at least that's how I took the "Basically I'm just trying to keep the honest people honest :)" comment), but just trying to obfuscate things to prevent overeager-but-authorized users from monkeying with the shiny bits inside. Gzip'ing it and removing the magic puts an admittedly tiny speed bump in front of them.
At least that's how I read it; he's not looking for a safe, he's looking for a way to keep the too-smart-for-their-own-good from taking a blunt object to the engine of their own car. But if it were a case of guarding against black hats then yes sound proven crypto (AES, Blowfish, yadda yadda) certainly would be the way to go.
Update: Tweaked second para's first sentence.
The cake is a lie.
The cake is a lie.
The cake is a lie.
| [reply] |
Fletch,
I am still confused. Perhaps it is because I have never attempted to modify a Storable file with vi. I, perhaps incorrectly, assumed that the issue was that the "bad guy" (yes, I intentionally quoted it because I realize what we are talking about) could see that it was a Storable file and then manipulate it (using perl). If that's the case, then compressing it gives no advantage because they could just uncompress it (using perl).
| [reply] |