explain

• In recent days, , Companies to enhance code security , The code encryption and decryption tool is introduced , namely ： Encrypt and decrypt the code written by the programmer , Use only authorized editing tools , Within the specified geographical range （ company ） Internal display and editing , Yes PC monitor , Copying and sending of code files are not allowed , Yes PC On U Plug and unplug external devices such as disk for monitoring .

Tool description

• Tool ownership window and linux edition
• window Version has the main functions , Include ： For the individual pc Monitoring of , Authorization of code editing tools, etc , Unauthorized tool opening code will display garbled code , It seems to have complete functions .
• linux edition , It seems that the authorization tool can not automatically decrypt the code when editing , When using the authorization tool to edit the encryption code , You need to manually add a authbash, as follows ：

* makefile Compile commands in 
authbash "gcc xxx -o xxx" 

• After installing the monitor , Automatically spaced scans pc Code file on .
• Unencrypted files can be sent or edited using unauthorized tools .

Tool cracking

• The monitoring product looks quite complete , It is difficult to crack ; But some small details are ignored - The Conduit .
• The code can be decrypted using a pipeline , as follows ：

authbash "cat xxx.c" | cat > xxx.c
*  It is uncertain whether there is any way to prohibit the use of similar pipelines .

• Other sensitive operations

authbash "cat xxx.c" > xxx.c # Redirection is restricted , It can't be done