Front page | perl.perl5.porters |
Postings from March 2023
Re: "piracy" misinformation
Thread Previous
|
Thread Next
From:
demerphq
Date:
March 3, 2023 08:07
Subject:
Re: "piracy" misinformation
Message ID:
CANgJU+WWSPcjrnt7EMiTeWM_Qon2hewejgp2WRwN2aO8Z2RY3w@mail.gmail.com
I have created https://github.com/Perl/perl5/issues/20894 from this report.
Thank you for your report.
I will also convert your patch into a PR. Thank your for the contribution.
On Wed, 1 Mar 2023 at 04:51, zefram via perl5-porters <
perl5-porters@perl.org> wrote:
>
> This is a bug report for perl from zefram@fysh.org,
> generated with the help of perlbug 1.43 running under perl 5.37.9.
>
>
> -----------------------------------------------------------------
> <!--[Please describe your issue here]-->
>
> The pod/perlfilter.pod document says "The original purpose of source
> filters was to let you encrypt your program source to prevent casual
> piracy.". The likening of copyright infringement to nautical hijacking is
> wildly hyperbolic. Perl should not be spreading this line of tendentious
> misinformation. Even without the hyperbole, it's misleading to say
> that program encryption is aimed at preventing copyright infringement:
> it doesn't actually impede copying of the whole file. The things it
> really impedes are the understanding and editing of the program, which are
> actions that are at most only loosely connected to copyright infringement.
>
> I suggest that the word "piracy" should be replaced with "reading",
> which is both a more neutral term and a more accurate description of what
> program encryption impedes. There's also a similar problem with the word
> "cracker" later in the document.
>
> The document also understates how fundamental it is that program
> encryption can't fully prevent access to the real source code.
>
> The patch below fixes all of these problems. I see that the bug report
> template has acquired some unfamiliar character sequences, which I
> suspect is meant to make the bug report a document in some kind of markup
> language. But since there's nothing (in the template or in perlbug(1)'s
> output) specifying what language that might be, I'm not attempting to
> engage with it. It's entirely likely that the patch would cause mayhem,
> or at least render in a very broken way, if interpreted as markup.
> This bug report, in the form in which I'm sending it, is nothing more
> than plain ASCII text.
>
> PATCH_START
> --- a/pod/perlfilter.pod 2023-03-01 02:58:11.023713244 +0000
> +++ b/pod/perlfilter.pod 2023-03-01 03:40:31.954487800 +0000
> @@ -12,7 +12,7 @@
> own.
>
> The original purpose of source filters was to let you encrypt your
> -program source to prevent casual piracy. This isn't all they can do, as
> +program source to prevent casual reading. This isn't all they can do, as
> you'll soon learn. But first, the basics.
>
> =head1 CONCEPTS
> @@ -205,18 +205,17 @@
> All decryption filters work on the principle of "security through
> obscurity." Regardless of how well you write a decryption filter and
> how strong your encryption algorithm is, anyone determined enough can
> -retrieve the original source code. The reason is quite simple - once
> -the decryption filter has decrypted the source back to its original
> -form, fragments of it will be stored in the computer's memory as Perl
> -parses it. The source might only be in memory for a short period of
> -time, but anyone possessing a debugger, skill, and lots of patience can
> -eventually reconstruct your program.
> +retrieve the original source code. The reason is quite simple:
> +in order to execute your program Perl must parse its source code.
> +This means that Perl must have all the information needed to decrypt
> +your program, and that means that that information is also available to
> +anyone able to run the program.
>
> That said, there are a number of steps that can be taken to make life
> -difficult for the potential cracker. The most important: Write your
> +difficult for the potential reader. The most important: Write your
> decryption filter in C and statically link the decryption module into
> the Perl binary. For further tips to make life difficult for the
> -potential cracker, see the file I<decrypt.pm> in the source filters
> +potential reader, see the file I<decrypt.pm> in the source filters
> distribution.
>
> =back
> PATCH_END
>
> <!--[Please do not change anything below this line]-->
> <!------------------------------------------------------------------- -->
>
>
> ---
> **Flags**
> - category=docs
> - severity=low
> ---
> **Perl configuration**
> ```
> Site configuration information for perl 5.37.9:
>
> Configured by zefram at Wed Mar 1 02:31:43 GMT 2023.
>
> Summary of my perl5 (revision 5 version 37 subversion 9) configuration:
>
> Platform:
> osname=linux
> osvers=5.10.0-21-amd64
> archname=x86_64-linux-thread-multi
> uname='linux barba.rous.org 5.10.0-21-amd64 #1 smp debian 5.10.162-1
> (2023-01-21) x86_64 gnulinux '
> config_args='-des
> -Dprefix=/home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52
> -Duselargefiles -Dusethreads -Uafs -Ud_csh -Uusesfio -Uusenm -Duseshrplib
> -Dusedevel -Uversiononly -Ui_db'
> hint=recommended
> useposix=true
> d_sigaction=define
> useithreads=define
> usemultiplicity=define
> use64bitint=define
> use64bitall=define
> uselongdouble=undef
> usemymalloc=n
> default_inc_excludes_dot=define
> Compiler:
> cc='cc'
> ccflags ='-D_REENTRANT -D_GNU_SOURCE -fwrapv -fno-strict-aliasing
> -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE
> -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2'
> optimize='-O2'
> cppflags='-D_REENTRANT -D_GNU_SOURCE -fwrapv -fno-strict-aliasing
> -pipe -fstack-protector-strong -I/usr/local/include'
> ccversion=''
> gccversion='10.2.1 20210110'
> gccosandvers=''
> intsize=4
> longsize=8
> ptrsize=8
> doublesize=8
> byteorder=12345678
> doublekind=3
> d_longlong=define
> longlongsize=8
> d_longdbl=define
> longdblsize=16
> longdblkind=3
> ivtype='long'
> ivsize=8
> nvtype='double'
> nvsize=8
> Off_t='off_t'
> lseeksize=8
> alignbytes=8
> prototype=define
> Linker and Libraries:
> ld='cc'
> ldflags =' -fstack-protector-strong -L/usr/local/lib'
> libpth=/usr/local/lib /usr/lib/x86_64-linux-gnu /usr/lib
> /lib/x86_64-linux-gnu /lib
> libs=-lpthread -lgdbm -ldb -ldl -lm -lcrypt -lutil -lc
> perllibs=-lpthread -ldl -lm -lcrypt -lutil -lc
> libc=libc-2.31.so
> so=so
> useshrplib=true
> libperl=libperl.so
> gnulibc_version='2.31'
> Dynamic Linking:
> dlsrc=dl_dlopen.xs
> dlext=so
> d_dlsymun=undef
> ccdlflags='-Wl,-E
> -Wl,-rpath,/home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/5.37.9/x86_64-linux-thread-multi/CORE'
> cccdlflags='-fPIC'
> lddlflags='-shared -O2 -L/usr/local/lib -fstack-protector-strong'
>
>
> ---
> @INC for perl 5.37.9:
>
> /home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/site_perl/5.37.9/x86_64-linux-thread-multi
>
> /home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/site_perl/5.37.9
>
> /home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/5.37.9/x86_64-linux-thread-multi
> /home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/5.37.9
>
> ---
> Environment for perl 5.37.9:
> HOME=/home/zefram
> LANG (unset)
> LANGUAGE (unset)
> LD_LIBRARY_PATH (unset)
> LOGDIR (unset)
>
> PATH=/home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/bin:/home/zefram/usr/perl/util:/home/zefram/pub/x86_64-unknown-linux-gnu/bin:/home/zefram/pub/common/bin:/usr/bin:/bin:/usr/local/bin:/usr/games
> PERL_BADLANG (unset)
> SHELL=/usr/bin/zsh
> ```
>
--
perl -Mre=debug -e "/just|another|perl|hacker/"
Thread Previous
|
Thread Next