SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 

MAN page from RedHat EL 5 perl-Filter-1.34-1.el5.rf.i386.rpm

decrypt

Section: User Contributed Perl Documentation (3)
Updated: 2007-10-11
Index 

NAME

Filter::decrypt - template for a decrypt source filter 

SYNOPSIS

    use Filter::decrypt ;
 

DESCRIPTION

This is a sample decrypting source filter.

Although this is a fully functional source filter and it does implementa very simple decrypt algorithm, it is not intended to be used asit is supplied. Consider it to be a template which you can combine witha proper decryption algorithm to develop your own decryption filter. 

WARNING

It is important to note that a decryption filter can never providecomplete security against attack. At some point the parser within Perlneeds to be able to scan the original decrypted source. That means thatat some stage fragments of the source will exist in a memory buffer.

Also, with the introduction of the Perl Compiler backend modules, andthe B::Deparse module in particular, using a Source Filter to hide sourcecode is becoming an increasingly futile exercise.

The best you can hope to achieve by decrypting your Perl source using asource filter is to make it unavailable to the casual user.

Given that proviso, there are a number of things you can do to makelife more difficult for the prospective cracker.

1.
Strip the Perl binary to remove all symbols.
2.
Build the decrypt extension using static linking. If the extension isprovided as a dynamic module, there is nothing to stop someone fromlinking it at run time with a modified Perl binary.
3.
Do not build Perl with "-DDEBUGGING". If you do then your source canbe retrieved with the "-Dp" command line option.

The sample filter contains logic to detect the "DEBUGGING" option.

4.
Do not build Perl with C debugging support enabled.
5.
Do not implement the decryption filter as a sub-process (like the cppsource filter). It is possible to peek into the pipe that connects tothe sub-process.
6.
Check that the Perl Compiler isn't being used.

There is code in the BOOT: section of decrypt.xs that shows how to detectthe presence of the Compiler. Make sure you include it in your module.

Assuming you haven't taken any steps to spot when the compiler is inuse and you have an encrypted Perl script called ``myscript.pl'', you canget access the source code inside it using the perl Compiler backend,like this

    perl -MO=Deparse myscript.pl

Note that even if you have included the BOOT: test, it is stillpossible to use the Deparse module to get the source code for individualsubroutines.

7.
Do not use the decrypt filter as-is. The algorithm used in this filterhas been purposefully left simple.

If you feel that the source filtering mechanism is not secure enoughyou could try using the unexec/undump method. See the Perl FAQ forfurther details. 

AUTHOR

Paul Marquess  

DATE

19th December 1995


 

Index

NAME
SYNOPSIS
DESCRIPTION
WARNING
AUTHOR
DATE

This document was created byman2html,using the manual pages.