Re: Creating Secure Standalone Binaries for 9/X
From: Melissa Schrumpf (reverse-comDOTyahooATm_schrumpf_at_bogus.address)
Date: 03/26/04
- Next message: Cameron Laird: "Re: Get numerics/digits from a string"
- Previous message: Peter Campbell: "Get numerics/digits from a string"
- In reply to: Kevin Spencer: "Creating Secure Standalone Binaries for 9/X"
- Next in thread: Spencerian: "Re: Creating Secure Standalone Binaries for 9/X"
- Reply:(deleted message) Spencerian: "Re: Creating Secure Standalone Binaries for 9/X"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 25 Mar 2004 23:08:59 -0500
Kevin Spencer wrote:
> My instructions were to
> 1) Create a standalone binary of the script usable in Mac OS 9 and X
Okay, not too bad...
> 2) Keep the script's code hidden so the company's IP is unreadable
Ergh.
> 3) Minimize the need to install any Tcl/Tk components in the OS, if possible
> After a few hours research I was able to create a "fake" app by
> inserting the script in a copy of a Wish Shell app package, which works
> fine for OS X. However, I can't figure out how to lock down the app
> bundle, so the IP of the script is unprotected.
We'll get back to this...
> The somewhat older Mac OS 9 Tcl parts included a Drag and Drop Tclets
> app, described on many sites as the solution for creating the Tcl
> binary for OS 9. However, I cannot drop my Tcl script on the applet for
> some reason.
> If I could use Xcode to create a Carbon application that works in 9 and
> X that contains the script AND compile the app in such a way that
> leaves its script non-human-readable, it would satisfy my goal. I'm
> sure I can get Xcode to do the job--I just lack the expertise, but may
> figure it out.
> My question to any of you is: Am I barking up the right tree, or is
> there a simplier method?
Okay, for OS 9...
The MacOS Classic way of doing this is to cram the text of the tcl script into
a resource of a copy of the Wish binary. All the Drag & Drop Tcllets thing
does is copy the text of your script into the resource: TEXT -- ID 3114. If
you get a copy of ResEdit (or Resourcer, or what have you), you can copy &
paste your own code into this resource with ease.
Of course, as Andreas said, it's probably just a matter that the file type
appears wrong. However, the EASIEST way to make the file type and creator
change is to open the script file in SimpleText, make a minor change (type a
space and delete it), and save the file. This _should_ change the type &
creator, and Drag & Drop Tcllets should now accept it. But that might not
give you a stand-alone app.
Something else you should know about the MacOS Classic app...
Earlier versions had a bug in the stand-alone Wish app. I'm not sure if this
has been fixed since, but they would fail to run on machines without a full
Tcl/Tk installation. This was back in the 8.3.3 days. It seemed that the
"Simple Tk" didn't include msgcat. From my archives:
> "Simple Tk (PPC)" (or 68k) is the correct binary. It is somewhat broken
> in the 8.3.4 release: it is missing bgerror and msgcat, which are
> contained in tcl/library/msgcat/msgcat.tcl.
> Do this:
> Copy "Simple Tk (PPC)" to "Simple Tk (PPC).edit"
> Run ResEdit (or Resourcer, or whathaveyou). Open a "Simple Tk
> (PPC).edit" in ResEdit. Open the "TEXT" resources. Open resource ID
> 3014 "bgerror." Find the line that says:
>
> "package require msgcat"
>
> This will be right at the top.
>
> Next, open tcl/library/msgcat/msgcat.tcl in a text editor. Copy from
> the beginning of the line:
>
> package provide msgcat 1.1.1
>
> through to the end of the file.
>
> Return to ResEdit. Delete the line "package require msgcat" and, in its
> place, paste the code you copied from msgcat.tcl. Close all resources
> and save.
> Viola! You now have a fixed stand-alone Tk shell.
As for encoding the IP, you might be able to make some sort of obfuscation...
you could encrypt your code and store it in a resource, but you'll ultimately
have to have a plain text proc that shows how to decrypt it. Beyond that, you
may have to compile yourself a custom application. But even then it will
contain its own decryption scheme, if only in machine code.
-- MKS
- Next message: Cameron Laird: "Re: Get numerics/digits from a string"
- Previous message: Peter Campbell: "Get numerics/digits from a string"
- In reply to: Kevin Spencer: "Creating Secure Standalone Binaries for 9/X"
- Next in thread: Spencerian: "Re: Creating Secure Standalone Binaries for 9/X"
- Reply:(deleted message) Spencerian: "Re: Creating Secure Standalone Binaries for 9/X"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
