Protect my plugin against unauthorized use

Discussion in 'Plugin Development' started by Fenmore, Sep 24, 2014.

Thread Status:
Not open for further replies.
  1. Offline

    Fenmore

    Hey guys,
    first I have to say I'm bad in english, but I hope you can understand what I'm talking about.

    I'm writing a plugin for a community. But I want to be sure, that they dont share it or something like that. So I was thinking about a protection that my plugin is useless without a specified code or a password. But I also dont want to activate the plugin everytime the server starts, so I have to safe a variable which may not be editable. Also I want to be able to remove my plugin ingame from the plugin folder.

    My questions:
    - How can I safe a variable which is not editable but stays after server shutdown?
    - How do I get the name of my plugin if it's renamed and how do I delete it?

    There are probably more questions but actually I dont know them ^^

    Hope you can help
     
    Fenmore, Sep 24, 2014
    #1
  2. Offline

    Nateb1121


    Unfortunately Java was not designed to be closed source, at least not in Bukkit's application.

    - There's no way to create a variable that stays after the server shuts down, unless you save it somewhere. But if you save it some where the person can always edit it. Even if you have it saved on another server, there's ways around that, too.
    - The name of your plugin is set in the plugin.yml, if someone changed the name it wouldn't run.
    - You can't make a plugin delete it self, not to my knowledge at least.
     
    Nateb1121, Sep 24, 2014
    #2
  3. Offline

    xTrollxDudex

    Depending on your definition of "delete self". You could have a jar resource that deletes a specific file and copy it into the directory, and run it, then, it will delete the jar. Ofc you will have to exit the application running the jar first before deleting it.
     
    xTrollxDudex, Sep 24, 2014
    #3
  4. Offline

    Luke_Lax

    You could go crazy and encrypt yml files containing password and other measures but you may want to ask yourself if it's actually worth developing this plugin for them if you don't trust them this much?
     
    Luke_Lax, Sep 24, 2014
    #4
  5. Offline

    Gerov

    Luke_Lax I don't think it is worth making a whole encryption system :p. But he can do what he wants.

    Ps. Your signature confused me for about 30 seconds.
     
    Gerov, Sep 24, 2014
    #5
    Luke_Lax likes this.
  6. Offline

    teej107

    I was going to like his post but it already said I liked it.

    Fenmore
    As far as deleting the plugin, disabling the plugin if the requirements aren't met is far more simple as you can't delete plugins being used by craftbukkit. Why should you have to worry about the plugin activating every server start if the server isnt authorized to use it? It's just a problem on the server owners side.
     
    teej107, Sep 24, 2014
    #6
  7. Offline

    mythbusterma

    Fenmore

    Your best bet here is to establish trust with the people you're writing it for, as not matter what copy protection you come up with, I could crack open the jar and circumvent it in less than a couple hours at most.

    If you still think you REALLLLLLLLLY need something like this, just about the only effective way of doing it is having it ask a server somewhere if the server it's running is a whitelisted server, and then deactivating the plugin if it isn't.

    But let's be honest, what sort of plugin could you write that would really need this sort of protection? If you can't figure something like this out, I would doubt it's a very good plugin worth stealing anyway.
     
    mythbusterma, Sep 24, 2014
    #7
Thread Status:
Not open for further replies.

Share This Page