[Catalyst] creating binaries
Joe Landman
landman at scalableinformatics.com
Wed Jan 17 06:08:45 GMT 2007
Octavian Rasnita wrote:
> From: "Joe Landman" <landman at scalableinformatics.com>
>
>>> perlapp doesn't drop the source code in /tmp. It puts there only some
>>> .dll files, and nothing more than that.
>>> (I am using perl Dev Kit 6.02, but now PDK 7 was just released).
>>
>> The "source" needs to be obtained somehow and in some state for the
>> Perl program to handle it.
>
> Oh yes I know that, but if it would be too hard to get that code, most
> users would prefer to pay for the program instead of cracking it.
Technological measures can be defeated. Assume they provide speed bumps
at most to determined hackers.
We have found that people are (sometimes) willing to pay for programs
when they add significant value to what it is they are doing. That
said, much of the reason we see our customers interested in open source
has very little to do with libre' and a great deal to do with
acquisition cost. The often higher quality is an added benefit.
What stops them from doing un-intended things with it are good licenses
that grant them the rights they require without granting them the rights
they do not require. You are not granting ownership rights, you grant
usage rights.
You may chose to restrict these rights, or not grant them at all. In
this case, you may need to review which elements of OSS you may yourself
use in your program.
>>> Can the source code be got easily from those dll files?
>>> If it cannot be found easily, then I think it would be nice if the
>>> Catalyst applications could be deployed using perlapp.
>>
>> Once your program is loaded, and compiled into object/internal
>> representation form in memory, the memory could be forced to disk
>> somehow, and a creative hacker can reasonably reassemble your code.
>>
>> That is unless you have your in-memory image also encrypted with on
>> the fly decryption/execution. I am not aware of any one doing this
>> for any language. Though I could be wrong.
>
> As far as I know in the latest versions of perlapp, the source code is
> kept in memory and it is also crypted.
> That decryption might be done, but it would be much harder, and again,
> most users will prefer paying for the program instead of fighting with
> it for breaking the protection.
I have not seen many users, who have a day job that requires that the
get specific work done, try to crack program source code, or reverse
engineer their apps. It all comes down to the value you offer, and what
you are willing to enable.
Protection has its purposes, though compiling programs is not what I
would call protection. If you want to protect you need to mix
encryption with some sort of preventative execution measure, a DRM of
sorts. This provides something akin to a higher speedbump, but it is
only a speedbump. It is not absolute protection. The only way to get
better protection is to never ship the application, only the side
effects. Google doesn't ship its applications, though they are some of
the most widely used in the world. I am willing to be that the critical
internal bits are not OSS.
>
>>> If a language is interpreted, this doesn't mean that the programs
>>> that were made with it cannot be protected in any way.
>>
>> Define protection. Do you mean "not copied/looked at/altered" ?
>
> Ok, thanks for asking this, because each one of us understand something
> different.
> By protection I understand that if someone would like to get the source
> code of the program, that person should be a pretty good programmer, and
> he should spend a long time trying to get it. How much time? Well, a
> time that doesn't cost more than $90.
Hmmm.... So you think they should spend at least $90US of time to get
the program from the internal representation?
So do you know about B::Deparse?
I would suggest reflecting upon which goals you have in preventing
access to source. Is it prevention of modification, protection of IP,
restriction of redistribution ...
> But I don't know if I understood correctly... from this discussion I
> think that it is not possible to do what I want using Catalyst.
This has nothing to do with Catalyst. This is (not really) a language
issue, and more correctly a basic computing issue. Unless your code is
always encrypted, in memory, on disk, etc. there is little possibility
to prevent a determined hacker from getting it. So if you take this off
the plate, that is, you make it so that getting at the source is not
hard at all, you effectively remove that attack vector against your
code. Now focus upon what it is you do. Heck, you can even hide your
IP back behind a nice XML-RPC/SOAP stack on a remote system or three,
and distribute the rest as OSS.
> I have also tried an HTTP server module from cpan that works with
> CGI::Application, but that module cannot be installed under Windows.
Ok, the issue sounds like windows. I don't want to comment on its
support as I don't use it for this. We use Linux for our work, all of
this works just fine.
FWIW: I have tried recent Catalyst under Cygwin (www.cygwin.com) and it
seems to work fine (thanks to MST and lots of others). If you are
constrained to work on windows, try cygwin.
>
> So I think I will use
> HTTP::Server::Simple::CGI
>
> It would have been much better and easier if I could have done it using
> Catalyst however, but it is too bad that's not possible.
???
>
> I am wondering why it is not possible. Perlapp includes in the package
> all the necessary modules that are required by the application. I
> thought that if I create a binary executable from myapp_server.pl, it
> would do that, and the application it will work.
From cygwin on this XP box:
> landman at splash ~
> $ catalyst.pl MyApp
> created "MyApp"
> created "MyApp/script"
> created "MyApp/lib"
> created "MyApp/root"
> created "MyApp/root/static"
> created "MyApp/root/static/images"
> created "MyApp/t"
> created "MyApp/lib/MyApp"
> created "MyApp/lib/MyApp/Model"
> created "MyApp/lib/MyApp/View"
> created "MyApp/lib/MyApp/Controller"
> created "MyApp/myapp.yml"
> created "MyApp/lib/MyApp.pm"
> created "MyApp/lib/MyApp/Controller/Root.pm"
> created "MyApp/README"
> created "MyApp/Changes"
> created "MyApp/t/01app.t"
> created "MyApp/t/02pod.t"
> created "MyApp/t/03podcoverage.t"
> created "MyApp/root/static/images/catalyst_logo.png"
> created "MyApp/root/static/images/btn_120x50_built.png"
> created "MyApp/root/static/images/btn_120x50_built_shadow.png"
> created "MyApp/root/static/images/btn_120x50_powered.png"
> created "MyApp/root/static/images/btn_120x50_powered_shadow.png"
> created "MyApp/root/static/images/btn_88x31_built.png"
> created "MyApp/root/static/images/btn_88x31_built_shadow.png"
> created "MyApp/root/static/images/btn_88x31_powered.png"
> created "MyApp/root/static/images/btn_88x31_powered_shadow.png"
> created "MyApp/root/favicon.ico"
> created "MyApp/Makefile.PL"
> created "MyApp/script/myapp_cgi.pl"
> created "MyApp/script/myapp_fastcgi.pl"
> created "MyApp/script/myapp_server.pl"
> created "MyApp/script/myapp_test.pl"
> created "MyApp/script/myapp_create.pl"
>
> landman at splash ~
> $ cd MyApp/
>
> landman at splash ~/MyApp
> $ script/myapp_create.pl controller Foo
> exists "/home/landman/MyApp/script/../lib/MyApp/Controller"
> exists "/home/landman/MyApp/script/../t"
> created "/home/landman/MyApp/script/../lib/MyApp/Controller/Foo.pm"
> created "/home/landman/MyApp/script/../t/controller_Foo.t"
>
> landman at splash ~/MyApp
> $ script/myapp_create.pl view Mason Mason
> exists "/home/landman/MyApp/script/../lib/MyApp/View"
> exists "/home/landman/MyApp/script/../t"
> created "/home/landman/MyApp/script/../lib/MyApp/View/Mason.pm"
> created "/home/landman/MyApp/script/../t/view_Mason.t"
>
> landman at splash ~/MyApp
> $ script/myapp_server.pl
> [Wed Jan 17 01:05:40 2007] [catalyst] [debug] Debug messages enabled
> [Wed Jan 17 01:05:40 2007] [catalyst] [debug] Loaded plugins:
> .------------------------------------------------------------------------------.
>
> | Catalyst::Plugin::ConfigLoader 0.04 |
>
> | Catalyst::Plugin::Static::Simple 0.13 |
>
> '------------------------------------------------------------------------------'
>
>
> [Wed Jan 17 01:05:40 2007] [catalyst] [debug] Loaded dispatcher "Catalyst::Dispa
> tcher"
> [Wed Jan 17 01:05:40 2007] [catalyst] [debug] Loaded engine "Catalyst::Engine::H
> TTP"
> [Wed Jan 17 01:05:40 2007] [catalyst] [debug] Found home "/home/landman/MyApp"
> [Wed Jan 17 01:05:40 2007] [catalyst] [debug] Loaded components:
> .-------------------------------------------------------------------+----------.
>
> | Class | Type |
>
> +-------------------------------------------------------------------+----------+
>
> | MyApp::Controller::Foo | instance |
>
> | MyApp::Controller::Root | instance |
>
> | MyApp::View::Mason | instance |
>
> '-------------------------------------------------------------------+----------'
>
>
> [Wed Jan 17 01:05:41 2007] [catalyst] [debug] Loaded Private actions:
> .----------------------+----------------------------------------+--------------.
>
> | Private | Class | Method |
>
> +----------------------+----------------------------------------+--------------+
>
> | /default | MyApp::Controller::Root | default |
>
> '----------------------+----------------------------------------+--------------'
>
>
> [Wed Jan 17 01:05:41 2007] [catalyst] [info] MyApp powered by Catalyst 5.66
> You can connect to your server at http://splash:3000
> [Wed Jan 17 01:05:53 2007] [catalyst] [debug] **********************************
>
> [Wed Jan 17 01:05:53 2007] [catalyst] [debug] * Request 1 (0.077/s) [2896]
> [Wed Jan 17 01:05:53 2007] [catalyst] [debug] **********************************
>
> [Wed Jan 17 01:05:53 2007] [catalyst] [debug] "GET" request for "" from "192.168
> .1.20"
> [Wed Jan 17 01:05:53 2007] [catalyst] [info] Request took 0.059402s (16.834/s)
> .------------------------------------------------------------------+-----------.
>
> | Action | Time |
>
> +------------------------------------------------------------------+-----------+
>
> | /default | 0.001153s |
>
> '------------------------------------------------------------------+-----------'
and on the web browser: (http://splash:3000)
MyApp on Catalyst 5.66
Catalyst Logo
Welcome to the wonderful world of Catalyst. This MVC framework will make
web development something you had never expected it to be: Fun,
rewarding, and quick.
What to do now?
...
So it does look like it works just fine.
I am not sure I grasp what it is you are trying to do that is not working.
> Does anyone have any idea why it doesn't work?
>
> Thank you.
>
> Octavian
>
>
>
>
>
> _______________________________________________
> List: Catalyst at lists.rawmode.org
> Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
> Dev site: http://dev.catalyst.perl.org/
--
Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics LLC,
email: landman at scalableinformatics.com
web : http://www.scalableinformatics.com
phone: +1 734 786 8423
fax : +1 734 786 8452 or +1 866 888 3112
cell : +1 734 612 4615
More information about the Catalyst
mailing list