On Sun, 20 Feb 2005 20:26:07 -0500 Stas Bekman <[EMAIL PROTECTED]> wrote:
> Adi Fairbank wrote: > > Take a look at Crypt::License on CPAN. I used it a couple years back to do > > exactly what you are trying to do. It encrypts your Perl source code and > > then decrypts it on the fly. There is a slight overhead for the decryption, > > but if running under mod_perl, that should be negligible since it would only > > need to decrypt on apache startup. > > Just be aware that if perl sees the decrypted code, the user can see it > too. It's not trivial but certainly doable, for example while running > under perl debugger. I wonder why Crypt::License docs don't include any > warning. Or do I miss something? I haven't tried this particular module, > but all the previous discussions about similar modules had the conclusion > that you can really hide the code, other than making it harder to get to it. > Yes, it's fairly easy (for any programmer) to intercept the perl code after it is decrypted and before it's sent to the perl interpreter. It would not be easy for the average user though (depending on who your users are). But with Crypt::License, you will only be able to decrypt *if* you have a valid license key. That may not make a difference, if you are offering free trial versions, for example. Stas, I'm sure you didn't miss anything in the Crypt::License docs.. As I remember, the docs were very minimal and it took me a while just to figure out how to get it to work- and I had to look through the source quite a bit. -Adi
