Quote:
Originally Posted by
SkySmart
my intent was to merely point out that i've been through enough impossible situations to know things can be possible if only thought of in a slightly different way. that's all.
There
are ways that would work, but you haven't wanted them. You're doing the opposite of what you think, clinging to one notion, not being creative.
Running them on a system you control and they don't; that would keep it safe.
Denying them access to the file, only allowing it to be run through sudo. That would keep it safe from anything but root.
Encrypting it with a ssl key, so it could only be run with a password, that would keep it safe from anyone that didn't know the password. (But not from anyone that did.) Note that they don't necessarily have to be the ones to punch in the password; you could type the password into ssh-agent, to keep it around for multiple later uses. Or the program could keep itself resident after being run once. Still difficult to perfectly protect from root but conceptually a lot harder to break.
Some sort of hardware-based crypto where the processor itself doesn't have access to the program, would also work.
But having a program containing
its own instructions and key for decrypting itself into plaintext running itself on an 'enemy' machine cannot be made secure.