Shell scripts are very powerful tools for UNIX development. Due to the
fact
that they are interpreted, they are easy to develop, inspect, debug
and
document. But this convenience comes at high price - the threat of
intellectual
property theft.  
    
In today's competitive environment, anyone can inspect and change your
elaborately crafted scripts. It is possible and easy for a competitor
to mimic
your work, if not copy outright, without your permission. Furthermore,
unskilled customers or employees may modify installed scripts creating
hard-to-find bugs, increasing your support costs. For companies that
use shell
scripts in commercial products, these annoying issues are becoming a
major
headache. 
    
To address this problem we have created Shell Protector(tm). 

Get get more information and purchase Shell Protector(tm) please go
to:
http://www.bungisoft.com/html/products/shellprotect/shellprotect.html
 
    
Shell Protector's(tm) main purpose is to protect your shell scripts
from
modification or inspection. You can use it if you wish to distribute
your
scripts but don't want them to be easily readable by other people. 
    
Shell Protector(tm) itself is not a compiler such as cc. It rather
encodes and
encrypts a shell script, together with the appropriate shell. The
final result
is a stripped binary which behaves exactly like the original script.
Upon
execution, the compiled binary will decrypt and execute the code using
the
encoded shell. 
    
The following is the most prominent features of the Shell
Protector(tm):
    
*   Protects sources 
    
    Shell scripts can contain a considerably large amount of know-how
and
    development time. In order to protect such a valuable resource you
should
    distribute Shell Protector(tm) produced executables instead of
sources.
    
*   Allows SUID and SGID scripts 
    
    Some systems may be configured in such a way as to ignore set user
id and
    set group id bit when running shell scripts. Such a feature is
indeed very
    useful at times. Although it may also create problems. To bypass
this
    feature on per-use bases, some knowledgeable UNIX system
administrators
    create little C programs, called wrappers, to go around this
limitation.
    However, wrappers, if not well designed and implemented, can
expose your
    system to some well known security vulnerabilities. Shell
Protector(tm) is
    designed to reduce such risk to some degree, it also eliminates
the need for
    programming know-how by system administrators.
    You can thus think of Shell Protector as the universal shell
script wrapper.
    
*   Allows switch user (su) scripts 
    
    This is one of the most interesting features of compiled shell
scripts:
    The process can optionally gain real user id of executable owner,
not only
    effective user id. Group set of executable owner is also set. The
same
    effect can be obtained only by using su (switch user) command.  
    
*   Makes sure that script runs under correct shell 
    
    Shell versions may differ wildly from system to system. By
packaging shell
    interpreter together with the executable Shell Protector(tm)
provides
    extra level of platform independency for your scripts. 
    
*   Runs under the most popular Unix/Linux platforms 
      
    * Solaris/SunOS (SPARC) 
    * Linux 
    
 
With these and other exciting features Bungisoft Shell Protector(tm)
is a sure winner for your next project!
 
Get get more information and purchase Shell Protector(tm) please go
to:
http://www.bungisoft.com/html/products/shellprotect/shellprotect.html

On 27 Oct 2003 20:21:55 -0800, nntp@bungisoft.com (Bungisoft, Inc.)
wrote:

>To address this problem we have created Shell Protector(tm). 
>Shell Protector's(tm) main purpose is to protect your shell scripts
>from
>modification or inspection. You can use it if you wish to distribute
>your
>scripts but don't want them to be easily readable by other people. 

Hey, you can get script protection for free with the "Generic Script
Compiler". It turns your script into a string, encrypts it with RC4,
and puts it into a c executable. 
Get it at:
http://www.datsi.fi.upm.es/~frosal


Our body's 20 milligrams of beta radioactive Potassium 40
emit about 340 million neutrinos per day, which go at well-nigh
lightspeed to the ends of the universe!..even thru the earth. 

nntp@bungisoft.com (Bungisoft, Inc.) writes:

> Shell scripts are very powerful tools for UNIX development. Due to the
> fact that they are interpreted, they are easy to develop, inspect,
> debug and document. But this convenience comes at high price - the
> threat of intellectual property theft.

Hmmm.

> Shell Protector(tm) itself is not a compiler such as cc. It rather
> encodes and encrypts a shell script, together with the appropriate
> shell. The final result is a stripped binary which behaves exactly
> like the original script.  Upon execution, the compiled binary will
> decrypt and execute the code using the encoded shell.
>     
> The following is the most prominent features of the Shell
> Protector(tm):
>     
> * Protects sources
>     
> * Allows SUID and SGID scripts

So it's no longer OS/hardware-independent, right?  That's the number
one advantage of a script gone right out of the window.

> * Makes sure that script runs under correct shell
>     
>     Shell versions may differ wildly from system to system. By
> packaging shell interpreter together with the executable Shell
> Protector(tm) provides extra level of platform independency for your
> scripts.

That seems like a complete contradiction.  If you "include" the shell
interpreter, it's no longer platform-independent.  I have a strong
suspicion that my Linux/i386 machine won't run IRIX/MIPS sh, or
Solaris/SPARC sh.

Most people write platform-independent shell scripts by writing to the
POSIX sh standard.  All modern platforms have a POSIX sh.  Most modern
platforms have Perl as standard, or as an optional extra.

> With these and other exciting features Bungisoft Shell Protector(tm)
> is a sure winner for your next project!

It looks like a complete waste of time.  Shell scripts have their
place, and if I (for whatever reason) didn't want the source to be
seen, or to allow setuid/setgid use, I'd use a proper compiled
language, like C or C++.  If you need setuid/setgid use, it takes all
of five minutes to write a portable, platform-independent, C wrapper.

Lastly, you can do this without "Shell Protector(tm)", since we already
have a Free shell script compiler/obfuscator which has long been
popular.  It's called GNU m4.


[GNU m4 2.0 is due to be released soon.]


BTW, please don't post junk advertising on USENET.

-- 
Roger Leigh

                Printing on GNU/Linux?  http://gimp-print.sourceforge.net/
                GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.

Centuries ago, Nostradamus foresaw when Roger Leigh <${roger}@invalid.whinlatter.uklinux.net.invalid> would write:
> It looks like a complete waste of time.  Shell scripts have their
> place, and if I (for whatever reason) didn't want the source to be
> seen, or to allow setuid/setgid use, I'd use a proper compiled
> language, like C or C++.  If you need setuid/setgid use, it takes all
> of five minutes to write a portable, platform-independent, C wrapper.

... And based on the script I'll be working on today, they are _way_
too often implementing Rube Goldberg-like devices where it is somewhat
amazing that they work at all.

The scripts I see tend to fall into one of two categories:

 1.  Processes that are intended to be portable, and which I'd
     probably rather be part of a free software project so I might
     conceivably evade doing maintenance on it.

 2.  Processes that are hideously non-portable, implementing
     things that are pretty much weird that probably only work
     on one host.

In neither case is obfuscation of much value.  In case 1, I wanted to
share the code.  In case 2, the code is useless to anyone outside my
environment.
-- 
"aa454","@","freenet.carleton.ca"
http://cbbrowne.com/info/rdbms.html
I'd give my right arm to be ambidextrous! 

>>>>> "Bungisoft," == Bungisoft, Inc <nntp@bungisoft.com> writes:

Bungisoft,> Shell Protector's(tm) main purpose is to protect your shell scripts
Bungisoft,> from
Bungisoft,> modification or inspection. You can use it if you wish to distribute
Bungisoft,> your
Bungisoft,> scripts but don't want them to be easily readable by other people. 

Most people who want to hide their source code do so out of
embarassment.

:-)

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!