How to stop users from accessing the backend source code running on server

Aaditya Srivastava

10/26/22, 8:46 PM

I wanted to distribute the server side code (Node.js) to some of my users for hosting purpose, but at the same time I don't want any type of manipulation inside the code. So I have decided to use linux (ubuntu) server and rollout a simple distro by limiting the users not to read or write on the code. but later I am came to know that anyone having physical access to system can reset the root account.

1 + 1

server

permissions

root

administration

lubuntu

danzel

10/27/22, 9:38 AM

Instead of manipulating your code, they could just host something else. If I interpret the question title and body correctly, it says "How to stop users from [manipulating] the backend [...] code running on [their] server", which simply is not possible.

Score:2

Ubuntu

raj

10/26/22, 9:16 PM

By design, someone having physical access to the machine can do anything. Even if you use a full disk encryption program like VeraCrypt, this protects only from someone who steals the disk/computer or tries to access it without knowledge of legitimate user. But the legitimate user must have the decryption password to be able to boot the system, so he is still able to do anything.

The only possibility is to remove the source code from the machine at all by using it in compiled form, if such possibility exists for Node.js. There are compilers for example for PHP (Zend Guard) but I don't know something similar exists for Node.js. You have to check.

0 + 2

Aaditya Srivastava

10/27/22, 6:29 AM

thank you sir, I wanted to distribute the Linux Distro by locking the root user account and giving the guest user accounts , with a limited permission , so in this situation how I can prevent root password reset from a guest account, and If someone tries to reset the account , all the data should be wiped out. I am in a big problem , please help me .

raj

10/27/22, 12:21 PM

@AadityaSrivastava What you want is not possible. You want to protect your source code, so the answer is: no source code on the machine AT ALL. Compile the code and distribute the compiled version ONLY.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to stop users from accessing the backend source code running on server

TH: วิธีหยุดไม่ให้ผู้ใช้เข้าถึงซอร์สโค้ดแบ็กเอนด์ที่ทำงานบนเซิร์ฟเวอร์

RO: Cum să împiedicați utilizatorii să acceseze codul sursă backend care rulează pe server

RU: Как запретить пользователям доступ к исходному коду бэкэнда, работающему на сервере

VI: Cách chặn người dùng truy cập mã nguồn phụ trợ đang chạy trên máy chủ

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.