how to hide part of the source passwords etc

[Didier]

I do some stuff that encapsulate calls to various systems
(os api, erp queries, databases access) and if the results
are no secret some passwords used internally are. How to
solve the issue?

example: one program to create a Windows AD user
and use internally higher credentials...(runas..)

You may ask how is it protected now?
Certainly not perfectly but it is in the compiled versions
and kids under 3 will not set a breakpoint.

regards

DD

 

[Didier]

If you create a windows user based on datas stored in a
flat file and do all the checking to have it done
consistently. You can give the program to a
non administrator of the network. But you will not give
the administrator password so that any task be done
by anyone.


regards

Didier

--

 

[Didier]

Well If i want to let users do say runas something it must
be done in client server or xml rpc or whatever the flavor.


a huge drawback for Ruby (and Python).



regards.


Didier

 

[Cliff Cyphers]

Well If i want to let users do say runas something it must
be done in client server or xml rpc or whatever the flavor.

How about ruby2scriptexe?

a huge drawback for Ruby (and Python).

Java isn't much safer in this regard. It's fairly straight forward to
decompile byte code to the original.

 

[Rick DeNatale]

How about ruby2scriptexe?


Java isn't much safer in this regard. It's fairly straight forward to
decompile byte code to the original.

And compiled C code or the like isn't necessarily that safe either.

On Unix> man strings
on Windows:
http://www.sysinternals.com/Utilities/Strings.html

One shouldn't rely that much on security by obscurity.