Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!lucy.swin.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.ecn.uoknor.edu!news.wildstar.net!newsfeed.direct.ca!op.net!en.com!news-xfer.netaxs.com!news.mathworks.com!fu-berlin.de!irz401!orion.sax.de!uriah.heep!news From: j@uriah.heep.sax.de (J Wunsch) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: SHC for FreeBSD 2.1.5 ? Date: 20 Jan 1997 21:30:18 GMT Organization: Private BSD site, Dresden Lines: 49 Message-ID: <5c0o5a$q2k@uriah.heep.sax.de> References: <5bvbu1$fin@spartacus.hula.net> Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) NNTP-Posting-Host: localhost.heep.sax.de Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Newsreader: knews 0.9.6 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:34328 cyber@spartacus.hula.net (William Martin) wrote: > A previous post talked about a program to compile shell scripts. > Great, now I can secure shell and perl scripts I thought. > > I located the program, called SHC, on the ftp site: > hpux.csc.liv.ac.uk in the directory /hpux/Languages/shc-2.4a/ > named shc-2.4a-ss-10.10.tar.gz . > > Problem is, the program is a port for HP-UX and does not compile > on FreeBSD 2.1.5 . It does compile fine on FreeBSD once you remove a couple of HP/UXisms. The entire program is nothing but a sad joke. I doubt it will be very difficult to decompile such a binary at all. Well, it might be a little more ``secure'' on HP/UX than on FreeBSD: just to prove that my feeling was right, i've ktrace'd the compiled script, and of course, i get the entire original shell script in full beauty in the dump output. :-) (HP/UX doesn't have the equivalent of truss.) Also, the ``compiled'' script was way larger than the original one: j@uriah 495% ./shc -f cvsbug j@uriah 496% ls -l cvsbug cvsbug.x -r-xr-xr-x 1 j bin 14274 Jan 20 22:23 cvsbug* -rwxr-xr-x 1 j bin 20480 Jan 20 22:23 cvsbug.x* Since it'll also be slower, this defeats the entire idea. The entire point of protecting software by obscuring is so boring and pointless that i leave finding out the ``trick'' to compile that beast on FreeBSD as an exercise to the reader. >:-) If you are unable to figure out such simple things yourself, sorry, you are not a software developer. What are you going to ``protect'' then? Apologies in advance to anybody who feels offended by my attitude. But as somebody who's spent countless hours for free software, and whose employer happily allowed to give away code that has been written during my paywork, i'm getting sarcastic about those people... -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)