lammert
msg:4143412 | 4:25 am on May 29, 2010 (gmt 0) |
If the server is on your customer's location there is no protection at all. They only need a USB thumb drive with a small linux version, boot the system from that thumb drive and copy all your files and other stuff.
If USB booting doesn't work, they can just remove the harddisk and mount it as secondary disk in another computer.
|
explorador
msg:4143625 | 5:15 pm on May 29, 2010 (gmt 0) |
by now I'm doing tests and setting folders with no access for anyone but the admin... so far the folders work and are unreadable, not even listings. I tried with other users, even booting with other linux distro and administrator modes (on other linux distros too) and the folder remains unreadable, I think at least I'm getting to some reasonable level of security. I'll keep trying.
|
lammert
msg:4143787 | 3:09 am on May 30, 2010 (gmt 0) |
The whole principle of access rights in Linux is ignored for every user who has usercode 0. Normally this is the user who logs in as root. Booting another linux distro and login in to that distro as user root overrules all the folder settings you make.
|
explorador
msg:4144104 | 10:51 pm on May 30, 2010 (gmt 0) |
Thanks lammert, I see... I'll keep looking for alternatives.
|
graeme_p
msg:4144198 | 4:42 am on May 31, 2010 (gmt 0) |
Storing your stuff on an encrypted partition would do it, but the client would not be able to restart it after a reboot. There are probably ways they could trick you into giving away the encryption pass phrase.
How good does your security need to be?
Are there any other solutions, such as getting the client to pay extra to compensate you for source access?
|
lammert
msg:4144202 | 5:21 am on May 31, 2010 (gmt 0) |
Perl is shipped with a compiler (see man perlcc) which turns the code in a file which can be executed directly. The compiler is however marked as "highly experimental" and I don't know how it performs in production environments. This would make your source code unreadable, but access to the database is still possible.
|
explorador
msg:4144359 | 2:36 pm on May 31, 2010 (gmt 0) |
graeme_p:
| Storing your stuff on an encrypted partition would do it, but the client would not be able to restart it after a reboot. |
|
You are right, configuring the server to auto load it will be almost like not having encryption
How good does your security need to be?
Are there any other solutions, such as getting the client to pay extra to compensate you for source access? |
|
I just want to stop others from using the app without authorization. Compensation? there is an issue there. My app is server-side-multiuser (many users at the same company), multi client (diff companies using it with no problem). I could install it locally as a "single user" solution that should cost less. Or as a private app on a local server that should cost more for the private use.
lammert:
| Perl is shipped with a compiler (see man perlcc) which turns the code in a file which can be executed directly. The compiler is however marked as "highly experimental" and I don't know how it performs in production environments. This would make your source code unreadable, but access to the database is still possible. |
|
thanks, I'm reading about it. I used a forum app app in the past that had perl code and one sort of library that was not pure text. I'm researching on this, perhaps is a perlcc compiled script.
Thanks, I'll keep researching and will post results here.
|
ksrao
msg:4163448 | 2:30 pm on Jul 2, 2010 (gmt 0) |
Hi,
Linux is having great security in its file system. It is different form others in the Hierarchy itself. Which is the root (/) is on the top and all other directories are mounted under it.
It maintains Security accepts with the help of following
1. Basic File permissions
rwx read write Execute
2. Special File permissions
SUID
GUID
Sticky Bit
3. ACL ( Access Control List)
4. Password Encryption( using MD5 & DES Algorithems)
5. Through RAID levels
TO enhance your knowledge in RHEL-4 practice online tests.
[wiziq.com ]
Regards
Kolla Sanjeeva Rao
|
|
