I searched for this but not sure I am using the correct terminology.
To meet audit requirements, I need to make sure scripts that may contain sensitive information are not readable by anyone but authorised users.
I tried using unix crypt but then I can not execute script.
I have never seen this done, but is there a way to make a regular old unix script into an executable object ?
use unix permissions.
say you have a script by userA that contains sensative data.
chmod 500. make is readable and executable by him and only him.
chmod 550, make it executable and readable for him and anyone in his group.
just remember that root can always read anyones data.
and if you have a file that has user/passwd entries in it you cna use perl to encrypt the file and decript it on the fly.
Thank you but that does not work in my situation . The script interfaces with an application. Everyone who uses the application is in a specific group. The scripts have to be in that same specific group to work with the application. The group permissions have to be rw in order for the script to work with the application because as far as the application is concerned, my script is just another "user".
That is why I am looking at encrypting it.
I may have to do another language but it was worth a shot to ask.
There are tools that can compile a script. But your script must be compatible with them.
Here is one.
But that is not encryption. Some people can read object code. And with a tool like adb, you can disassemble the code and now anyone who can read assembler can read it.
However once the code is an object, you can set the permissions to execute only... no reading allowed. Now you have some security.
Yes. that would work.
thanks!