|
|
Boost Users : |
Subject: Re: [Boost-users] Fwd: [MPL] How can I make this occupy less space on disk?
From: Ian Bruntlett (ian.bruntlett_at_[hidden])
Date: 2011-05-17 12:17:25
Hi Pedro,
On 17 May 2011 16:52, Pedro d'Aquino <pedro.daquino_at_[hidden]> wrote:
> Hello,
>
> I'm using Boost.MPL to obfuscate sensitive strings during compilation.
> I wrote a class called obf_string which can be used in the following
> way:
>
> obf_string<'my_d','atab','ase_','pass','word'> password;
> connect_to_db( password.unobfuscate() );
>
> If someone runs strings.exe on this executable, they will not see
> "my_database_password" listed there, because it has been XORed with a
> binary mask. This approach has several benefits over e.g.
> preprocessing all the source files with a tool that encrypts all
> strings. The most significant is that I can easily see and change the
> string.
>
I don't know if this applies to you but... any halfway decent assembly
language programmer with operating system expertise will be able to set a
breakpoint for relevant O.S. or library calls. In Linux its even easier -
use the strace command and it lists OS calls to stdout.
One place I worked at used the Windows registry to store ODBC and SQL
parameters.
Just how hostile are you expecting the end users of your application to be?
HTH,
Ian
-- -- ACCU - Professionalism in programming - http://www.accu.org/
Boost-users list run by williamkempf at hotmail.com, kalb at libertysoft.com, bjorn.karlsson at readsoft.com, gregod at cs.rpi.edu, wekempf at cox.net