in reply to
Re^5: Authentication with /etc/shadow
in thread Authentication with /etc/shadow
Yes, checksum is a good idea, I'd already decided on hardware checks.
Also, checking code is kept in the main loop - no function calls - for the reason you suggest and is encountered prior to any sensitive functionality. (also duplicated within the most sensitive function block in a .pm file) If any checks fail the program goes into a blind loop and never encounters the sensitive instructions
I suppose I am, in the immediate instance, trying to rely on and beef up the limited security value of perlapp executables in order to buy myself some time to develop a better solution. My hope is that a perlapp could not be easily decrypted cold and that it would probably be run to be cracked. When it runs I may be able to get lucky.
I know it's a less than perfect situation but it's all I've got now, this minute. I can only do the best I can with the tools I've got in the situation I find myself.
Perl is an unbeatable problem solving and prototyping system. It has solved problems here that I doubt could have been as well done with other languages. The client is well pleased, so pleased they are insisting on going live NOW, with a Perl only setup. They have "Confidence in my ability to safeguard their interests" .... They are non-technical and have more confidence than I do...