shc - Generic shell script compiler ??
Justin Conover
justin.conover at gmail.com
Tue Mar 8 16:57:00 UTC 2005
Does anyone see this as being a decent program? Do you think it
encrypt's the script well enough or is easily crackable? If it is a
decent program, do you see a need for it in Fedora - extra's or
something as an added security mechanism. Although I imagine with the
fine grained control of SELinux this probably isn't really need, any
thoughts?
http://www.datsi.fi.upm.es/%7Efrosal/sources/shc.html
http://www.datsi.fi.upm.es/%7Efrosal/sources/CHANGES
http://www.datsi.fi.upm.es/%7Efrosal/sources/shc-3.7.tgz
http://www.linuxsecurity.com/content/view/117920/49/
" shc itself is not a compiler such as cc, it rather encodes
and encrypts a shell script and generates C source code with
the added expiration capability. It then uses the system
compiler to compile a stripped binary which behaves exactly
like the original script. Upon execution, the compiled
binary will decrypt and execute the code with the shell -c
option. Unfortunatelly, it will not give you any speed
improvement as a real C program would.
shc's main purpose is to protect your shell scripts from
modification or inspection. You can use it if you wish to
distribute your scripts but don't want them to be easily
readable by other people."
More information about the fedora-selinux-list
mailing list