I wrote a ASS App for our convenience in our office. Because of stored passwords in the script, I do not want that all people can open the package and see the scripts in plain text.
I looked to other scripts and realize that you can’t see the Code (like in a script that was saved as “excecute only”.
How do I do this in Xcode? Do I have to manuallly change the scripts in the finishd build?
thx - ph
Storing passwords in scripts is inherently insecure. Saving the script as read-only won’t help: the password strings will still be visible if the script is opened in a text editor. You could try obfuscating them to make them harder to identify within a read-only script, but why not store them somewhere genuinely secure like Keychain instead?
If I save a script in scripteditor as Excecute only it is not possible anymore to open it with scripteditor. When I try to open it in texteditor I only see scrambled stuff. No details. Shouldn’t that secure enough?
has is correct, the strings in run only scripts can still be viewed. This has been covered before (see here). Use the Keychain for passwords (see here). As to saving an AppleScript Studio app as run only, you need to change the build style to “deployment” (see here).
I wish that link would work. I’m having trouble with compiling run-only script file, even tho I’m making the build with “deployment”-settings.
Seems like I’m having something screwed up, as I cannot make ZeroLink-less builds, even I have unselected that setting from everywhere possible - almost, as I haven’t tried development-syle build with unmarked ZeroLink-setting, but I’m getting desperate enough to try even that…
I’m not sure what I did, but I got past the ZeroLink-less problem.