A user for only one program - Security & Cryptography
Users browsing this thread: 5 Guest(s)
|
|||
Hello fellow nixers,
This thread is about providing access to a program as a service but securing the source code. I'm working on a project in a scripting language and I'd like to offer it as an online service. I'm not sure on how to proceed. I was thinking of providing people with a user on a VPS which only has executable permission on the program. In that case they'll be able to use it but won't be able to leak it. Jail and others might be an option but when it's only for a single executable I don't think they're well suited. Yes, this isn't GNU world... What do you think of the software as a service as a script that's executable only by the user? Any other ideas/suggestions/tips? |
|||
|
|||
You could make a available via CGI on your server if it's meant for an online use only. Have a HTML "textarea" sent to the CGI script by your webserver.
|
|||
|
|||
(29-12-2015, 08:07 AM)z3bra Wrote: You could make a available via CGI on your server if it's meant for an online use only. Have a HTML "textarea" sent to the CGI script by your webserver.But then I'll have to come up with a way to protect that cgi from unwanted users. By giving the wanted users a login on a VPS I don't have to break my head with all of that. |
|||
|
|||
Mmh, true.. But you then have to secure the account, which can be as tedious. Not sure what's best. I too would prefer the VPS account solution though.
|
|||
|
|||
It's a bit hard to work out exactly what you want without knowing what the program does, but could you somehow transform it into a simple API? Securing from unwanted users can be done with an access key I guess.
|
|||
|
|||
(30-12-2015, 04:10 PM)kirby Wrote: It's a bit hard to work out exactly what you want without knowing what the program does, but could you somehow transform it into a simple API? Securing from unwanted users can be done with an access key I guess.Let's say the program is written in a scripting language so it's clear text. Yes, writing an api would be another solution but there's the overhead of writing it and adding the authentication system. Z3bra proposed the same thing. |
|||