Can someone point me to information regarding either encrypting a perl file
so it can still execute (if this is possible),
You'll need to provide a little more information, especially: should the
perl program decrypt itself, or should the operator type in the
decryption key, for example?
If the former is the case, then you are offering very little protection
because the encrypted data carries along its own decryption key and
decryption code in the clear (it must be in the clear or else the system
couldn't execute it...) - it'll stop some people idly looking at the
source but nothing more.
If the latter then there are many ways of encrypting things, and I think
that you could easily write a self decrypting thing, like a 'shell
archive' that I've seen sometimes. The easiest thing might be to have a
simple perl script that asked for the decryption key, and then took its
__DATA__ section, decrypted that and ran it, somehow...
or embedding a 10,000+ line
script completely into a C/C++ program.
try 'perldoc perlembed' for that
It also needs to encapsulate all included libraries, etc.
This might be hard if there are .so or .dll objects involved, especially
if this program needs to run on different machines or architectures, but
if it's all pure perl then I think that you can just concatenate the
whole lot together _in the right order_ and load it as one stream of
text. OTOH you could simply encrypt a zip file or tar.gz of all the
files required and decrypt them onto the filesystem, but that has its
own vulnerabilities. [ Also, you probably don't need to encrypt all the
modules do you? ]
Note that there are other ways to investigate your program which do not
necessarily require a human to read and print out your source code, for
example using debuggers, a 'special' version of perl, tools such as
strace or truss, etc... if you can provide more info about your
requirements we might be able to focus on better suggestions.
I'm assuming that you are running this on a fairly normal computer - I
would guess that some specialist platforms have support for encrypted
binary image execution, etc, but they're probably military, and the
kinds of people who use those systems probably wouldn't be asking for
advice here
P