Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Password Protect a Perl Script

by smart_amorist (Initiate)
on Oct 29, 2013 at 01:55 UTC ( [id://1060097]=perlquestion: print w/replies, xml ) Need Help??

smart_amorist has asked for the wisdom of the Perl Monks concerning the following question:

Hi All, I came across a situation where we are hard coding some critical information in a Perl script. Searched around but could not find a way to password protect the Perl Script. We can encrypt the script using existing encryption mechanisms, but I still prefer password protection. So I mean to say that someone should not be able to view or cat Perl script. We can set password on a file using vi -x but when I am setting password on Perl script using vi -x, I am unable to execute the script as it is giving error. (because vi -x is adding some unknown characters to script) Is there any workaround to it? Any help much appreciated.

Replies are listed 'Best First'.
Re: Password Protect a Perl Script
by atcroft (Abbot) on Oct 29, 2013 at 02:11 UTC

    Unless someone posts a better idea, my suggestion would be to pull the critical information out of the script into a configuration file that is read by the script, then set the permissions on the file such that only the user the script is running as can read it (0500 under *nix, for example). You may also wish to store the configuration file in a directory location that is also unavailable to other users.

    An alternative might be to encrypt the configuration file, and decrypt it when it is read. This, however, runs into a similar issue as before, with the key having to be accessible to the script, and therefore anyone use who can read it.

    Hope that helps, and look forward to seeing the comments and suggestions of others to your query.

      Minor, nitpicky correction: The proper file mode (permissions) for the config file would be 0400, not 0500. There's generally no reason for configurations to be executable.
Re: Password Protect a Perl Script
by LanX (Saint) on Oct 29, 2013 at 02:07 UTC
    > Is there any workaround to it?

    often asked, always denied.

    The perl-interpreter needs to read plain text, whichever en- and decryption you are doing, can be read by a man in the middle.

    > I came across a situation where we are hard coding some critical information in a Perl script.

    don't.

    Cheers Rolf

    ( addicted to the Perl Programming Language)

      One could compile one's own copy of Perl, modifying it in such a way that it decrypts encrypted scripts before doing its usual thing. With asymmetric encryption one could compile the private key into the executable. The command line perl --key would print the public key that one has to use to encrypt the scripts. Or even better, perl --encrypt script.pl would encrypt the script.

        Just make sure to deny loading any of the optree dumper modules, things that rewind __DATA__, etc. There are many avenues for attacking this setup. At best, it raises the bar a bit.

        --MidLifeXis

Re: Password Protect a Perl Script
by Anonymous Monk on Oct 29, 2013 at 02:06 UTC

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://1060097]
Approved by Athanasius
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others surveying the Monastery: (3)
As of 2024-03-28 17:17 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found