PDA

View Full Version : Password Locking Script


HippyCraig
05-12-2009, 08:55 AM
I know Password Locking scripts was discusseed before but has there been any more consideration for this feature. My company is increasing there outsourcing efforts and I would really like a way to lock these scripts down from editing. I keep getting new teams to work and who knows what there doing to these scripts, I have had to go back and modify or recreate becuase of careless mistakes.

I have concedered the run only tool, but in my current setup it would compliate things for the team running the scripts.

If this feature will be included, what is the time frame, it will be a welcomed feature?

kinook
05-12-2009, 10:10 AM
Based on this post: http://www.kinook.com/Forum/showthread.php?threadid=3863
I believe what you're looking for is a way to allow users to build a project but edit it only if a password is provided.

As mentioned, the simplest option (already available) would be to install and use only the console application (or VBP runtime) on machines where users should be able to build but not edit project files. Of course, users could circumvent this by installing the VBP GUI application.

One option for us to implement this in the GUI app would be to simply store a password (in encrypted form) in the .bld file and if found when loading, disable editing unless the password is provided. However, a knowledgeable user could simply remove the password from the project file (or modify other properties in the project file itself) before opening it. This would be easy to implement but also easy to circumvent.

A more secure method would be to save files that require a password to edit in an encrypted binary format or with an XML digital signature (to prevent tampering). This would be more secure (and take longer to implement), but keep in mind that since the file would need to be encrypted with a key hard-coded into Visual Build (so that it could always be unencrypted in order to build), it still would not provide much protection -- an enterprising user could determine the hard-coded encryption key without too much effort (and once available, it could be used by anyone who obtains it) and edit protected project files.

The highest level of protection (which also is already available) would be to prevent users that should only be able to build projects from having direct access to .bld files, for instance by providing them with a web front-end for launching builds on a machine that they can only access via http (see the WebLauncher (http://www.kinook.com/VisBuildPro/Manual/weblaunchersample.htm) sample), or via remote (http://www.kinook.com/VisBuildPro/Manual/programremotetab.htm) execution of builds.

So I'm wondering what level of edit protection you expect or require.

Thanks.

HippyCraig
05-12-2009, 10:31 AM
If it can be done maybe implement it in stages. My immediate goal is to prevent these users from making accidental mistakes.

But the long term might be if a password was implemented to have the option to save in an encrypted binary format or with an XML digital signature. I would think that would be an open question for the Visual Build community.

I will take a look at the option of creating a web front end to manage the builds, has that ever been a thought for your team to implement something of that nature as an add on to Visual Build.

kinook
05-12-2009, 10:51 AM
Originally posted by HippyCraig
But the long term might be if a password was implemented to have the option to save in an encrypted binary format or with an XML digital signature.We'll investigate what it would take to implement this and see whether other users express an interest.

Admin note: Implemented in v7

Originally posted by HippyCraig
I will take a look at the option of creating a web front end to manage the builds, has that ever been a thought for your team to implement something of that nature as an add on to Visual Build. There haven't been many requests for more than what's already possible with WebLauncher.

HippyCraig
05-12-2009, 11:00 AM
Thanks! I will look at the WebLauncher sample application further.

Also thanks for the quick response, as always you guys do a great job!!