Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   33470 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

decrypt(3)	      User Contributed Perl Documentation	    decrypt(3)

NAME
       Filter::decrypt - template for a decrypt source filter

SYNOPSIS
	   use Filter::decrypt ;

DESCRIPTION
       This is a sample decrypting source filter.

       Although this is a fully functional source filter and it does implement
       a very simple decrypt algorithm, it is not intended to be used as it is
       supplied. Consider it to be a template which you can combine with a
       proper decryption algorithm to develop your own decryption filter.

WARNING
       It is important to note that a decryption filter can never provide
       complete security against attack. At some point the parser within Perl
       needs to be able to scan the original decrypted source. That means that
       at some stage fragments of the source will exist in a memory buffer.

       Also, with the introduction of the Perl Compiler backend modules, and
       the B::Deparse module in particular, using a Source Filter to hide
       source code is becoming an increasingly futile exercise.

       The best you can hope to achieve by decrypting your Perl source using a
       source filter is to make it unavailable to the casual user.

       Given that proviso, there are a number of things you can do to make
       life more difficult for the prospective cracker.

       1.   Strip the Perl binary to remove all symbols.

       2.   Build the decrypt extension using static linking. If the extension
	    is provided as a dynamic module, there is nothing to stop someone
	    from linking it at run time with a modified Perl binary.

       3.   Do not build Perl with "-DDEBUGGING". If you do then your source
	    can be retrieved with the "-Dp" command line option.

	    The sample filter contains logic to detect the "DEBUGGING" option.

       4.   Do not build Perl with C debugging support enabled.

       5.   Do not implement the decryption filter as a sub-process (like the
	    cpp source filter). It is possible to peek into the pipe that
	    connects to the sub-process.

       6.   Check that the Perl Compiler isn't being used.

	    There is code in the BOOT: section of decrypt.xs that shows how to
	    detect the presence of the Compiler. Make sure you include it in
	    your module.

	    Assuming you haven't taken any steps to spot when the compiler is
	    in use and you have an encrypted Perl script called "myscript.pl",
	    you can get access the source code inside it using the perl
	    Compiler backend, like this

		perl -MO=Deparse myscript.pl

	    Note that even if you have included the BOOT: test, it is still
	    possible to use the Deparse module to get the source code for
	    individual subroutines.

       7.   Do not use the decrypt filter as-is. The algorithm used in this
	    filter has been purposefully left simple.

       If you feel that the source filtering mechanism is not secure enough
       you could try using the unexec/undump method. See the Perl FAQ for
       further details.

AUTHOR
       Paul Marquess

DATE
       19th December 1995

perl v5.16.3			  2013-04-02			    decrypt(3)

Vote for polarhome