A user for only one program - Security & Cryptography

Users browsing this thread: 1 Guest(s)
venam
Administrators
Hello fellow nixers,
This thread is about providing access to a program as a service but securing the source code.

I'm working on a project in a scripting language and I'd like to offer it as an online service. I'm not sure on how to proceed.

I was thinking of providing people with a user on a VPS which only has executable permission on the program. In that case they'll be able to use it but won't be able to leak it.

Jail and others might be an option but when it's only for a single executable I don't think they're well suited.

Yes, this isn't GNU world...

What do you think of the software as a service as a script that's executable only by the user? Any other ideas/suggestions/tips?
z3bra
Grey Hair Nixers
You could make a available via CGI on your server if it's meant for an online use only. Have a HTML "textarea" sent to the CGI script by your webserver.
venam
Administrators
(29-12-2015, 08:07 AM)z3bra Wrote: You could make a available via CGI on your server if it's meant for an online use only. Have a HTML "textarea" sent to the CGI script by your webserver.
But then I'll have to come up with a way to protect that cgi from unwanted users.
By giving the wanted users a login on a VPS I don't have to break my head with all of that.
z3bra
Grey Hair Nixers
Mmh, true.. But you then have to secure the account, which can be as tedious. Not sure what's best. I too would prefer the VPS account solution though.
kirby
Long time nixers
It's a bit hard to work out exactly what you want without knowing what the program does, but could you somehow transform it into a simple API? Securing from unwanted users can be done with an access key I guess.
venam
Administrators
(30-12-2015, 04:10 PM)kirby Wrote: It's a bit hard to work out exactly what you want without knowing what the program does, but could you somehow transform it into a simple API? Securing from unwanted users can be done with an access key I guess.
Let's say the program is written in a scripting language so it's clear text.

Yes, writing an api would be another solution but there's the overhead of writing it and adding the authentication system. Z3bra proposed the same thing.