/ 
Filter-1.06
River stage four • 183 direct dependents • 3675 total dependents
/ Filter::decrypt

NAME

Filter::decrypt - decrypt source filter

SYNOPSIS

use Filter::decrypt ;

DESCRIPTION

This is a sample decrypting source filter.

It is not intended to be used for real as supplied. Consider it to be a sampler from which you can develop your own decryption filter.

It is worth noting that a decryption filter can never provide complete security against attack. At some point the parser within Perl needs to be able to scan the original decrypted source. Fragments of the source will exist for a while in memory.

The best you can hope to achieve by decrypting your Perl source using a filter is to make it impractical to crack.

Given that proviso, there are a number of things you can do to make life more difficult for the prospective cracker.

  1. Strip the Perl binary to remove all symbols.

  2. Build the decrypt extension using static linking. If the extension is provided as a dynamic module, there is nothing to stop someone from linking it at run time with a modified Perl binary.

  3. Do not build Perl with -DDEBUGGING. If you do then your source can be retrieved with the -Dp command line option.

  4. Do not build Perl with C debugging support enabled.

  5. Do not implement the decryption filter as a sub-process (like the cpp source filter). It is possible to peek into the pipe that connects to the sub-process.

  6. Do not use the decrypt filter as-is. The algorithm used in this filter has been purposefully left simple.

If you feel that the source filtering mechanism is not secure enough you could try using the unexec/undump method. See the Perl FAQ for further details.

AUTHOR

Paul Marquess <pmarquess@bfsec.bt.co.uk>

DATE

20th June 1995.