It is really fun to hide your code from others, even if the scripts are
out there for everyone to see - one makes sure that the passers by not
able to comprehend what a particular script does. The easiest way to do
that would be to remove all the comments that you would have made in the
code for your own understanding about each and every routine of a
script. But an expert programmer can actually say what the script is
doing in no time.
Oracle comes with its very own utility of encrypting a procedure/function or a package for that matter. This encryption is achieved using the wrap utility from $ORACLE_HOME/bin. Wrap takes two arguments 'iname' and 'oname'.
iname - name of the input file name
oname - name of the output file name.
Although 'oname' is optional, however it is a good practice to include 'oname' in the command to give a user defined output file name. If 'oname' is skipped, then the wrap utility creates the output file in the same name as that of the 'iname but with an extension of 'plb'.
Let us understand this more clearly with an example. Here is a procedure code in a file test_proc.txt which will be wrapped to obfuscate the code.
The above script test_proc.txt will be wrapped without mentioning an output file, results in the creation of test_proc.plb file as shown below.
Below is example which uses the oname parameter of the wrap utility.
The script/file generated as the output of the wrap command could be used to run in the sql prompt which actually does the job of the original sql script. The contents of the wrapped file are only readable by the Oracle server which leaves the user only wonder about the junk found in the wrapped script.
Note : The contents of the wrapped script cannot be changed to make changes to the code. In order to do that, the original script has to be editted with the changes and generate a new wrapped script.
The contents of the test_proc.plb script is shown below to give you a glance of how the wrapped script looks like.
Most of the scripts/packaged scripts that are called in the catproc.sql script are already wrapped by oracle, so no expert DBA/Developer can meddle with them....I wish if there is any such wrapping at the UNIX operating system level to encrypt all
the shell scripts....(chuckles)
Oracle comes with its very own utility of encrypting a procedure/function or a package for that matter. This encryption is achieved using the wrap utility from $ORACLE_HOME/bin. Wrap takes two arguments 'iname' and 'oname'.
iname - name of the input file name
oname - name of the output file name.
Although 'oname' is optional, however it is a good practice to include 'oname' in the command to give a user defined output file name. If 'oname' is skipped, then the wrap utility creates the output file in the same name as that of the 'iname but with an extension of 'plb'.
Let us understand this more clearly with an example. Here is a procedure code in a file test_proc.txt which will be wrapped to obfuscate the code.
------------------- --- test_proc.txt - ------------------- create or replace procedure p1 as a number; b varchar2(20); begin select username into b from dba_users where username='SYSTEM'; dbms_output.put_line(chr(0)); dbms_output.put_line(b); end; /
The above script test_proc.txt will be wrapped without mentioning an output file, results in the creation of test_proc.plb file as shown below.
C:\Documents and Settings\oracle_and_unix\Desktop>wrap iname=test_proc.txt PL/SQL Wrapper: Release 10.2.0.1.0- Production on Fri Mar 27 15:49:38 2009 Copyright (c) 1993, 2004, Oracle. All rights reserved. Processing test_proc.txt to test_proc.plb C:\Documents and Settings\oracle_and_unix\Desktop>
Below is example which uses the oname parameter of the wrap utility.
C:\Documents and Settings\oracle_and_unix\Desktop>wrap iname=test_proc.txt oname=proc.sql PL/SQL Wrapper: Release 10.2.0.1.0- Production on Fri Mar 27 15:53:53 2009 Copyright (c) 1993, 2004, Oracle. All rights reserved. Processing test_proc.txt to proc.sql C:\Documents and Settings\oracle_and_unix\Desktop>
The script/file generated as the output of the wrap command could be used to run in the sql prompt which actually does the job of the original sql script. The contents of the wrapped file are only readable by the Oracle server which leaves the user only wonder about the junk found in the wrapped script.
Note : The contents of the wrapped script cannot be changed to make changes to the code. In order to do that, the original script has to be editted with the changes and generate a new wrapped script.
The contents of the test_proc.plb script is shown below to give you a glance of how the wrapped script looks like.
create or replace procedure p1 wrapped a000000 b2 abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd abcd 7 ac ce izB2dE4cerXXikkhm/Ipr/ZX/L4wgzJHLcvhqC82afa84JjW1G6x05lvK6itj8KZq9U/r7Vk 2xUl4Bj6E0evPV59WaW8qbZpy/JyWn6UFWot0Ep47TvJn0WwUUafm7JFLx+cvQnelC9IcYI2 9YaZ4XJaTpt4RdGb8WBCLcVwp8wS2iPacl8AlCUiwofwOoxXN/JLsCjkc1a0 /
Most of the scripts/packaged scripts that are called in the catproc.sql script are already wrapped by oracle, so no expert DBA/Developer can meddle with them....I wish if there is any such wrapping at the UNIX operating system level to encrypt all
the shell scripts....(chuckles)
No comments:
Post a Comment