Script Limits
Mark Talluto
lists at canelasoftware.com
Fri Aug 8 03:05:04 EDT 2003
On Thursday, August 7, 2003, at 01:24 PM, Richard Gaskin wrote:
> Mark Talluto wrote:
>
>>> In the non-password-protected stack, all three text strings are
>>> readable.
>>> In the password-protected stack none of them are.
>>>
>>> It seems a change was introduced in the engine at some point that now
>>> provides complete protection for all three types of data storage.
>>>
>>>
>>
>> I just did another test in MC 2.5:
>>
>> While it is true that the data is safe in a text editor, it is not
>> safe
>> when you do the following:
>>
>> Try opening that stack you created in MC. You can not get to the
>> script data, but you can surely open up the custom property and read
>> what you put in there.
>
> Good point. But while there mare good reasons to have self-modifying
> scripts, I'm not sure that having script space double as data storage
> is the
> optimal answer. Ironically the habit began with users of HC and OMO,
> neither of which provided options for protecting scripts at all....
>
> Maybe better would be a development-level password protection: when
> the
> devPasskey is set, before a stack can be opened in any IDE it would
> need to
> have a matching devPassword.
>
> Of course one could build their own IDE, but if the data's that
> interesting
> it really needs something stronger than the engine's DES-based
> encryption
> anyway.
Ahhh...another good point. We do need a better solution for encryption
of data in stacks.
Best regards,
Mark Talluto
http://www.canelasoftware.com
More information about the metacard
mailing list