| Author |
Message
|
| elvis_gn |
 Posted: Sun Jun 21, 2009 2:12 am Post subject: Obfuscation in WMB ? |
 |
|
Padawan
Joined: 08 Oct 2004
Posts: 1905
Location: Dubai
|
Hi All,
Want to know if there is a possibility of obfuscating code (flow and esql) in Broker ?
Basically want to know if it is possible to hide the underlying code inside sub-flows, thereby preventing developers from making their own changes.
Regards. |
|
| Back to top |
|
 |
| mymq |
| Posted: Sun Jun 21, 2009 7:04 am Post subject: |
|
|
Centurion
Joined: 01 Mar 2007
Posts: 101
Location: US-Greenwille
|
you can declare those sub flows as common flows and instruct the developers not to change the sub flows with out proper approvel from senior developer/lead.
U can use version control accrdingly as well.
_________________
--SRK-- |
|
| Back to top |
|
|
| elvis_gn |
| Posted: Sun Jun 21, 2009 9:00 pm Post subject: |
|
|
Padawan
Joined: 08 Oct 2004
Posts: 1905
Location: Dubai
|
Hi mymq,
| mymq wrote: |
| you can declare those sub flows as common flows and instruct the developers not to change the sub flows with out proper approvel from senior developer/lead. |
If only everyone was as obedient as you 
Actually the need is to protect intellectual capital too...
Regards. |
|
| Back to top |
|
|
| HOMETOWN47 |
| Posted: Mon Jun 22, 2009 4:03 am Post subject: |
|
|
Apprentice
Joined: 25 Mar 2003
Posts: 34
|
| Sounds like you may want to employ some for of code management system (Clear Case etc) to restrict who can and cannot make code changes... |
|
| Back to top |
|
|
| Vitor |
| Posted: Mon Jun 22, 2009 5:47 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| HOMETOWN47 wrote: |
| Sounds like you may want to employ some for of code management system (Clear Case etc) to restrict who can and cannot make code changes... |
Still wouldn't hide intellectual property from prying eyes.
It might be possible to do something with an automated blind build, which pulls the "hidden" code in from a protected repository.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Mon Jun 22, 2009 5:59 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
You can't obfuscate flows, without a blind build system.
You can obfuscate ESQL using any normal means to obfuscate or encrypt/decrypt text and the EVAL command.
Performance will suffer,and a usertrace at runtime will show everything that you've tried to hide.
Hide your code behind an interface - queue or http or other. |
|
| Back to top |
|
|
| mymq |
| Posted: Tue Jun 23, 2009 6:56 pm Post subject: |
|
|
Centurion
Joined: 01 Mar 2007
Posts: 101
Location: US-Greenwille
|
I dont think so, we can control the developers that extend to stop the unwanted code change.
I believe, one should follow some process (version management) to not to change the common flows with out proper instruction.
This is the easiest way of protecting the code with out any cost.
_________________
--SRK-- |
|
| Back to top |
|
|
| Vitor |
| Posted: Wed Jun 24, 2009 12:59 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| mymq wrote: |
| This is the easiest way of protecting the code with out any cost. |
But doesn't protect the code from being viewed, which seems to be the point here.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| elvis_gn |
| Posted: Wed Jun 24, 2009 2:43 am Post subject: |
|
|
Padawan
Joined: 08 Oct 2004
Posts: 1905
Location: Dubai
|
Hi all,
| Vitor wrote: |
| mymq wrote: |
| This is the easiest way of protecting the code with out any cost. |
But doesn't protect the code from being viewed, which seems to be the point here. |
Yes, that is the point here.
Regards. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Wed Jun 24, 2009 4:22 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| The only way to really obfuscate anything in Broker is to develop a C plugin node and obfuscate it's code. |
|
| Back to top |
|
|
| mymq |
| Posted: Thu Jun 25, 2009 8:17 am Post subject: |
|
|
Centurion
Joined: 01 Mar 2007
Posts: 101
Location: US-Greenwille
|
Hi,
I really don't see a need of doing this (hiding the source code). If u have such a bad developers in your team, then your management has to do something on it. Haa Haa....
_________________
--SRK-- |
|
| Back to top |
|
|
| Vitor |
| Posted: Thu Jun 25, 2009 8:31 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| mymq wrote: |
| If u have such a bad developers in your team, then your management has to do something on it. Haa Haa.... |
Who says it's in-house developed code? Maybe the site using the code has simply bought the rights to execute it, rather than re-use it. Hence the need to hide the source from the client.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| dilse |
| Posted: Thu Jun 25, 2009 3:35 pm Post subject: |
|
|
Master
Joined: 24 Jun 2004
Posts: 270
|
You can write a Java plug-in node that accesses an external Jar(you can instruct the team to put it in 'shared-classes') that does the task.
_________________
DilSe..
Take life as it comes.. |
|
| Back to top |
|
|
| marko.pitkanen |
| Posted: Thu Jun 25, 2009 10:40 pm Post subject: |
|
|
Chevalier
Joined: 23 Jul 2008
Posts: 440
Location: Jamsa, Finland
|
Hi,
If performance is not the issue you can perhaps consider to provide those subflows and their underlying esql -code logic as external services via MQ or http(s) interface to the other flows.
Marko |
|
| Back to top |
|
|
|
|
