From owner-freebsd-questions Fri Sep 19 09:53:28 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id JAA24033 for questions-outgoing; Fri, 19 Sep 1997 09:53:28 -0700 (PDT) Received: from www.xinetron.com (www.xinetron.com [206.86.215.68]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id JAA24023 for ; Fri, 19 Sep 1997 09:53:24 -0700 (PDT) Received: from pop.xinetron.com (pop.xinetron.com [206.86.215.82]) by www.xinetron.com (8.7.5/8.7.3) with ESMTP id JAA01008; Fri, 19 Sep 1997 09:53:08 -0700 (PDT) Received: from jason.xinetron.com (jason.xinetron.com [206.86.215.94]) by pop.xinetron.com (8.7.5/8.7.3) with ESMTP id JAA18216; Fri, 19 Sep 1997 09:53:08 -0700 (PDT) Message-ID: <3422ADF6.42C3563B@xinetron.com> Date: Fri, 19 Sep 1997 09:53:11 -0700 From: Local list X-Mailer: Mozilla 4.01 [en] (Win95; I) MIME-Version: 1.0 To: Stephen Roome CC: freebsd-questions@FreeBSD.ORG Subject: Re: Secure code.. X-Priority: 3 (Normal) References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Stephen Roome wrote: > I'm working on a product here that runs on a FreeBSD > system. It comes on a > pre-installed box and the code shouldn't be accessible to > anyone but us. > > Some of the code is written in C, and there's no source > code kept on the > computer, so that is safe. Some of it is written in perl, > so if they get > in then they can have that and any of the private > information stored on > the computer. > > If we sell these boxes to someone with secure consoles and > no login > accounts then it's pretty unlikely they are going to do > much to get at > private information. However if someone takes the hard > disc out and > decides to try and read it what precautions can be taken > to stop them > getting at the data. > > (I guess this is something someone has covered before?) The Perl Compiler, (yes, Virginia, you can compile to C) by Malcolm Beattie is available in alpha-3 release. This is still considered experimental, but is definitely firming up. See also his first announcement about it for details. Please read the relevant FAQs about what it is and what it is not. http://language.perl.com/info/software.html The compiler works, but since is in alpha, you must be very careful. Avoid large number ( >0x80000000 ) calculation. I tried it with 5.003 and it worked for me. With 5.004, for some reason a subroutine ( function) doesn't handle the flow back to the main program. -- Jason > > > So far all I've got is.. > > - encrypt all the data stored on the computer. > - put "warranty void if removed" stickers on the back of > the box. > - put the box together with the weird three headed screws. > > { these are probably bad ideas.. =) } > - store all the data in my own weird encrypted filesystem > (yeah sure). > - store all the data cunningly in a second "swap" > partition. > > { this is terrible idea, but has been suggested.. > } > - give up and sell and NT solution > > Well, any advice dearly appreciated. > > Thanks in advance, > Steve Roome. > > -- > Steve Roome - Vision Interactive Ltd. > Tel:+44(0)117 9730597 Home:+44(0)976 241342 > WWW: http://dylan.visint.co.uk/