[Kamailio-Users] Unreadable script
Henning Westerholt
henning.westerholt at 1und1.de
Thu Jan 7 18:47:21 CET 2010
On Thursday 07 January 2010, Alex Balashov wrote:
> > Daniel, isn't the configuration somehow compiled into internal format?
> > Would it be possible to do the "compilation" on another server and
> > provide only a binary file which represents the internal structure of
> > the configuration?
>
> It just uses a lexer. I don't think the internal parse tree and/or
> other data structures associated with that process can really be
> serialised/deserialised in the manner of some sort of "bytecode."
Hi Alex,
one option to hide the configuration script would be to create a bundle of the
binary and the cfg, and then encrypt this with some key. During startup this
files are decrypted and then the server run with the cfg in memory.
I think similar packing methods are done from some viruses. But even in this
case an sufficient motivated attacker could just read the cfg from the RAM, if
its not removed after loading. And then of course there is always the option
to read the compiled form created from the lexer from RAM and decompile it
manually. And of course the key is also somehow present in the bundle, if you
don't store it in some sort of protected hardware entity..
Cheers,
Henning
More information about the Users
mailing list