Guillaume Marcais
3/29/2006 4:51:00 PM
Le 29 mars 06, à 11:04, graham a écrit :
>> I know there are Java bytecode obfuscators, anyone working on
>> something
>> similar for YARV?
>
> People seem to want a compiler for 2 reasons
> a) improved performance
> b) securing their source
>
> a) could be addressed by YARV, as previously commented
> b).. is it possible to do something simple like encrypt the source
> file and have ruby decypt the file "on-the-fly" as it reads it at
> run-time? The encryption key could be client specific and hence the
> code secure. I guess it would need Ruby VM to have a new command line
> mode (i.e. "start-up on the fly decryption - and here is my
> certificate"), and the source to be encypted / packed by something
> like rubyscript2exe
>
> Would this make a worthwhile quiz??
There are already been discussion about this on some schemed proposed.
But it usually didn't take very long for some clever people to write a
script to decrypt to program and spit it out. It probably isn't
possible to make something hard to figure out without modifying the
interpreter itself, as if you stay in pure Ruby, the code is decrypted
at some point and thanks to Ruby's dynamic properties, you can always
add some code at that very point.
Now if you modify the Ruby interpreter and do not release the source of
it, it can be as obfuscated as you can make the decryption piece in the
binary of your new interpreter. As soon as someone figure out your
encryption scheme, he/she can compile a ruby interpreter of their own
to spit out the code just before it is executed...
Guillaume.