adf@mace.cc.purdue.edu (Brian Moore) (02/23/91)
Microsoft + Networks + Security = Pain
Could somebody "hint Microsoft" Please tell me how to protect your products
on a NFS network (heck any network) from people copying them.
My problems began when Microsoft (or the vendor of your choice) decided to make
the overlay files embedded within the executable. Normally this wouldn't be a
bad idea if it was going to be on a local PC hard drive or if you are not
worried about people stealing copies of your software. But I work at a
University where it is not possible to have a copy of a package for everyone
on campus just a copy for each computer we have on the net. And there are
many students who wouldn't think twice about taking an illegal copy of "Word
for windows" home.
The problem with these internal overlaid products we are having is they
cannot be marked executable only. If you do you won't be able to read the
overlays in the file. This is not a problem if the overlays are external
you just mark the overlays readable and the program executable only and you
have a secure product which nobody can copy. If you marked the internal
overlay file executable only you can get some interesting errors and the
program crashes.
We have had the same problem with Novell networks and we were able hide the
file but this is not very secure. I know of ways to copy the files still
and you most likely do to (there is no reason to describe how to). But under
NFS there is no UNIX way to hide a file on a PC and still be able to run the
program. what we have done is:
Set the program up on the NFS drive.
Create a bin directory one directory up from the application directory
Ex. \WORD
\WORD\BIN
In the BIN directory we place the overlaid executable.
now we flag the home directory and the support files of the application
as "chmod 755"
next we flag the BIN directory as "chmod 711"
Then we flag the application in the bin directory as "chmod 755"
Lastly I get down on my knees and pray that there is a way to have the
application know where to find the support files it might need.
With word I have been able to do this but Windows applications
have made me conceder buying stock in aspirin companies in order to get
some of my money back.
This still is not the most protected way to have an application but I can
make it so you almost have to ESP to figure how to copy it.
Oh by the way to run that application you have to write an launcher application
which knows the absolute path of the program.
If any body has any suggestions please contact me (adf@cc.purdue.edu).
My suggestion would be if your a company who is going to write an application
which needs overlays and might be placed on a network. You could make
network administrators lifes much less stressful by keeping the overlays out of
the applications. It's at the point now when I see a license agreement I want
to hide. The moral of the story is, if you don't want people to copy your
software make it easy for network administrators to protect it.
Speaking of licensing what about software metering, Ack @#$!!!.
Brian Moore |Phone: 317-494-1787
Purdue University Computing Center |FAX: 317-494-0566
ENAD BLDG |email: adf@cc.purdue.edu
West Lafayette, IN 47906 |