[support] phc obfuscate / drupal 7

Austin Einter austin.einter at gmail.com
Thu Dec 27 01:52:00 UTC 2012


Hi Lary
Thanks for input.

I am not going to distribute code to any customer. It is developed by us
(taking Drupal as base) and we will be hosting it. We will never give it to
any customer in future also.

The only worry is, in hosting company, if any of their ADMIN guys takes
code and give to other competitors without our knowledge. Ofcourse I will
have root access and its going to be a dedicated solution. But I feel thats
not the solution. One can just take hard disk, put to another machine, copy
data and then again put back to original machine.

Otherwise absolutely no worry

Probably Drupal community need to think in line of hiphop or develop
something similar.

Thanks a lot.
Austin




On Wed, Dec 26, 2012 at 11:18 AM, Larry Garfield <larry at garfieldtech.com>wrote:

>  The last I heard, HipHop doesn't work with Drupal because Drupal uses
> parts of PHP that HipHop doesn't support.  Really, HH is not a general
> solution for PHP performance tuning.  You have to write code with HH in
> mind for it to be effective, which Facebook did when creating HH.
>
> As far as "protecting" source code, the GPL license basically says you
> can't do that; or rather, it's worthless to do so because anyone you
> distribute the code to is legally entitled to the un-obfuscated source code
> as well.  That includes any custom modules you write.  Note that only
> triggers if you distribute the code to someone else; putting code on a web
> server does not count as distribution (AFAIK), so the host is not legally
> entitled to do anything with your code other than host it.
>
> That said, if your business model for your site relies on some non-trivial
> set of modules remaining forever-secret, then your business model is
> already buggered and you need to find a new one.  Really, the investment in
> working with the community rather than building a lot of custom code that
> you have to maintain is worth far more than your custom code.  That will be
> especially true then next time you decide to do a major version upgrade,
> where you'll find yourself with a lot of custom code that only you can
> possibly upgrade and no one willing to help you in the slightest.  That is
> a bad bad place to be.
>
> --Larry Garfield
>
>
> On 12/25/2012 05:38 PM, Austin Einter wrote:
>
>    Thanks a lot all.
>
>  I know Drupal is open source, I wanted to protect only the custom modules
> developed. I learnt from this discussion that -
>
>  1. Take a dedicated m/c, so root access is with me. That gives some
> protection.
>  2. Will go for a trusted / reputed web hosting company.
>
>  On a side note, I read somewhere a separate branch is maintained for
> Drupal code base (probably 7.4) that is compatible with hihop use., Can
> somebody give more information in this regard such as is it maintained and
> available for latest Drupal 7 releases..
>
>  Thanks and Regards
>  Austin
>
>
>
> On Tue, Dec 25, 2012 at 10:12 PM, Richard Damon <Richard at damon-family.org>wrote:
>
>> On 12/25/12 10:49 AM, Jarry wrote:
>> > On 25-Dec-12 16:26, Austin Einter wrote:
>> >> I am worried for few things.  Lets say I will be taking a dedicated
>> >> server say from rackspace or doster or godady and host my site as a
>> >> commercial one.
>> >>
>> >> I would not doubt the companies like rackspace or godady ..., but
>> >> difficult to believe admin engineers who may take the source code and
>> >> give it to somebody else for few dollars..,
>> > Source code of what? Drupal or some modules? Drupal is GPL-ed,
>> > so anybody can have it. Or your own drupal-module? I'm not sure
>> > but I think if you develop something for Drupal, you have to
>> > distribute it under the same license at no charge. So which
>> > php-code you want to obfuscate and why?
>> >
>> > Jarry
>> > ---
>> >
>>  The GPL means that *IF* you distribute the results, you need to provide
>> the source, but there is no requirement to publish source if you do not
>> distribute your "product" (i.e. for your own use). This is good, as it
>> means you are not required to publish your settings.php file with your
>> database passwords!
>>
>> This does mean that if you produce as a product a Drupal module, (I
>> believe) you can not just distribute it as a protected file, you need to
>> provide the source for it, but this is only if you distribute it.
>>
>> --
>> Richard Damon
>>
>> --
>> [ Drupal support list | http://lists.drupal.org/ ]
>>
>
>
>
>
>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20121227/c8009732/attachment-0001.html 


More information about the support mailing list