Quote:
Originally Posted by
panyam
The reason for doing the compilation is , so many users will use the same application account to login to the box and If we feel to protect our scripts being inspected/modified by some one else. I know that we can handle this by changing file permissions how ever this I can do only if the user accounts are different.
So make a new account -- that's what they're there for. Grant read-write permissions to the new user, execute-only permissions to the application group, and nothing else at all to anything. Application users will still be able to run the script under the 'application' user without being able to read or modify it, and people with proper clearance can login to the new account to modify it.
Compiling a script is fundamentally dodgy anyway. I wouldn't trust a compiled script to do exactly what the shell script did for anything but rudimentary scripts, and if it starts messing up how in the world are you going to figure it out? Proper permissions properly is much better than compiling it, that just obfuscates the file in the hope nobody's clever enough to run 'strings' on it.