|Problems? Is your data what you think it is?|
How to ensure that a supported version of my script is being executed?by sanbiswa (Initiate)
|on Aug 21, 2012 at 06:46 UTC||Need Help??|
sanbiswa has asked for the
wisdom of the Perl Monks concerning the following question:
I have a Perl script ("use"-ing a number of packages written by me) which is supposed to be run from a particular directory (this is the "supported" version of the script). Some smart users are making a local copy of this script and using that after making whatever modifications they want. How to prevent this?
My users can run the script from various platforms (different flavors of Unix and Windows). They run the script typically from command line (or from other scripts) but never from a web interface.
I have an Oracle database which I make use of. By running the modified versions of my script, users can insert/update junk data into the database which I want to stop.
I can think of various ways to check if the absolute path (obtained using, e.g. FindBin) of the script run is a "supported" one, but the problem is that this check is done in the Perl file itself and the malicious user can easily remove that part of the code from his local copy.
Due to the huge number of platforms I have to support, I don't want to do the above check in, e.g. C (where I can have a complied version of the code) as to manage the compilations would be a nightmare then.
Any suggestions would be appreciated.