Script Limits

Mark Talluto lists at canelasoftware.com
Fri Aug 8 03:05:04 EDT 2003


On Thursday, August 7, 2003, at 01:24 PM, Richard Gaskin wrote:

> Mark Talluto wrote:
>
>>> In the non-password-protected stack, all three text strings are
>>> readable.
>>> In the password-protected stack none of them are.
>>>
>>> It seems a change was introduced in the engine at some point that now
>>> provides complete protection for all three types of data storage.
>>>
>>>
>>
>> I just did another test in MC 2.5:
>>
>> While it is true that the data is safe in a text editor, it is not 
>> safe
>> when you do the following:
>>
>> Try opening that stack you created in MC.  You can not get to the
>> script data, but you can surely open up the custom property and read
>> what you put in there.
>
> Good point.  But while there mare good reasons to have self-modifying
> scripts, I'm not sure that having script space double as data storage 
> is the
> optimal answer.  Ironically the habit began with users of HC and OMO,
> neither of which provided options for protecting scripts at all....
>
> Maybe better would be a development-level password protection:  when 
> the
> devPasskey is set, before a stack can be opened in any IDE it would 
> need to
> have a matching devPassword.
>
> Of course one could build their own IDE, but if the data's that 
> interesting
> it really needs something stronger than the engine's DES-based 
> encryption
> anyway.

Ahhh...another good point.  We do need a better solution for encryption 
of data in stacks.


Best regards,
Mark Talluto
http://www.canelasoftware.com




More information about the metacard mailing list