On Wed, February 21, 2007 8:52 am, Brian Dunning wrote: > I have a few scripts that I want to protect from the prying eyes of > even people with root access to my server. The best suggestion I've > heard is to store only the compiled version on the server itself. I > have no idea how to do this or how those scripts would be called. Can > anyone point me to a good starting place?
There are products/projects such as that Prioblender (?) thing, and Zend has one which was once called Zend Encoder but got re-named by Marketing to, maybe, Zend Guard (?). Basically, if somebody has root access, though, them having access to your PHP script should be awfully low on the worry list... :-) Assuming this is somebody you actually WANT to have root on your box, then a good clear contract with them regarding the use of the source is probably more important than trying to obfuscate it. Any determined individual can reverse-engineer it no matter how you obfuscate it, so you need that contract anyway. Once you have the clear contract, whether they just steal it as source, or reverse engineer it, you are in the same boat. So you're only keeping the honest people honest with an ill-designed lock to add the obfuscation. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
