I have a couple scripts I use extensively at work that I want to prevent my boss from stealing (I wrote them on my own time, and he never paid me for the last script I did for him a year ago). He really doesn’t know anything about the workings of applescript, so it doesn’t need to be overly complex or even secure, just enough that it kicks anyone out who doesn’t have the correct password to run it. I’ll save the editable version to my flash drive and a run-only copy will replace what I use every day. What’s the best way to do this?
This works well enough for my purposes.
set {text returned:returnedTXT} to (display dialog "password question" default answer "" buttons {"OK"} default button 1)
if returnedTXT is not "password answer" then
return
end if
From Standard Additions dictionary:
Now he can peek over your shoulder, to no avail
For more security with minor difference is that you can save an md5 hash. Even if we’re not talking about programmers every person who is a bit handy with an hex editor can resolve static text from every application including your password. When the static text is an md5 hash it is still difficult for him to resolve the real password if your password cannot be found in a md5 hash table online.
something like this
set theHash to "ed076287532e86365e841e92bfc50d8c" --Hello World!
set x to display dialog "Please enter your password to continue" default answer "" buttons {"OK"} default button 1 with hidden answer
set a to do shell script "md5 -q -s " & quoted form of text returned of x
if a is not theHash then --is a case sensitive comparison
return false
end if
return true
Here’s my big version:
NOTE: This is a folder actions script, just attach it to a new folder you made and put all your scripts in there
on opening folder This_Folder
tell application "Finder"
set dialogresult to display dialog "Please enter your password to access this folder." buttons {"Accept"} default button 1 default answer "" with title "Script Security" with hidden answer
set PWText to the text returned of dialogresult
if PWText = "YOUR-PASS-HERE" then
display dialog "Access Granted" buttons {"Ok"} default button 1
else
close folder This_Folder
beep 3
set volume 1
tell application "iCal"
tell calendar "Accesses" -- MAKE SURE TO MAKE YOUR OWN ACCESSES CALENDAR
set theCurrentDate to current date
make new event at end with properties {description:"User attempted to access script folder, and was stopped and logged out.", summary:"Security Breach", location:"Macbook", start date:theCurrentDate, end date:theCurrentDate + 0 * minutes}
end tell
end tell
display dialog "The password entered is incorrect
You will be auto-logged out in ten seconds." buttons {"Log out now"} default button 1 giving up after 10
tell application "System Events" to set the visible of every process to true
tell application "System Events" to set theApps to (name of every process whose visible is true and name is not "Finder" and name is not (my name as text))
repeat with theApp in theApps
tell application theApp to quit
end repeat
tell application "System Events" to log out
delay 1
keystroke return
keystroke return
keystroke return
keystroke return
keystroke return
keystroke return
keystroke return
keystroke return
keystroke return
keystroke return
keystroke return
end if
end tell
end opening folder
It’ll log him out too so if the way he gets on is when you leave for a minute, then he cant get back on (he doesnt know your login pass). Also, it writes an event inside your calendar “Accesses” an event at this time saying someone tried and failed to access the folder. If it doesnt work (any bugs) just tell me! Please PM me saying you posted too, its hard to go back through all the posts Thanks
lemuralex13
With the section of your script that logs out, what happens if the application has unsaved documents?
What if the boss is using the Terminal?
So there are two ways of securing such thing, in code itself or bsd file permissions. I would say abrupt the code when the user presses the wrong password. Also make an expiration date of you script. The expiration date is needed when someone fooled you and has your password, he can only use your script for a short time, then it’s your turn again.
On the other hand I would say that a boss has in most cases the last word. I mean some people think they have won but you only end up with no job or a boss that makes your job less pleasant. So my question is, how far would you go and can you go?
@divister
I guess you could figure out a way to tell them to save, not sure how you’d do that… Hmm…