[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

Compiling ruby code

Simon Nielsen

3/29/2006 12:38:00 PM

i know very little about ruby, have only looked shortly at rails

Is it possible to compile my own code so that it cannot be viewed by
others ?

much like the zend compiler does for php

--
Posted via http://www.ruby-....
8 Answers

Bill Barnhill

3/29/2006 12:56:00 PM

0

Yes and no.

There is Rubyscript2exe:
http://www.erikveen.dds.nl/rubyscript2exe/...

That said suspect it would not be too hard to hack into the exe and retrieve
the script, as I believe it stores the script text and then interprets it
using an embedded interpreter. I think any language that's interpreted will
be hackable, question is how hard you can make it for them. I also suspect
we can make it a lot harder in Ruby 2.0, with a Ruby VM.

You might also want to check out:
All In One Ruby - http://www.erikveen.dds.nl/allinoneruby/...

=Bill.Barnhill

On 3/29/06, Simon Nielsen <sn@needhost.dk> wrote:
>
> i know very little about ruby, have only looked shortly at rails
>
> Is it possible to compile my own code so that it cannot be viewed by
> others ?
>
> much like the zend compiler does for php
>
> --
> Posted via http://www.ruby-....
>
>

dseverin

3/29/2006 12:59:00 PM

0

Simon Nielsen wrote:
> i know very little about ruby, have only looked shortly at rails
>
> Is it possible to compile my own code so that it cannot be viewed by
> others ?
>
> much like the zend compiler does for php

There's currently no ruby compiler.

If you want better performance take look at YARV project (
http://www.atdot... )

If you want to protect your code from reuse, here are some well-known
rules ( http://www.faqs.org/docs/artu/ch... )

Just INVERT them all and apply INVERTED rules to your code and mind -
and there will be no need to compile or obfuscate your code ever :)))

--
Posted via http://www.ruby-....

Guillaume Marcais

3/29/2006 1:49:00 PM

0

Le 29 mars 06, à 07:59, Damphyr a écrit :

> Bill Barnhill wrote:
>> Yes and no.
>> There is Rubyscript2exe:
>> http://www.erikveen.dds.nl/rubyscript2exe/...
>> That said suspect it would not be too hard to hack into the exe and
>> retrieve
>> the script, as I believe it stores the script text and then
>> interprets it
>> using an embedded interpreter. I think any language that's
>> interpreted will
> Well, in this case it's not exactly hard, it's more like childlike
> easy:
> rubyscript2exe untars the whole ruby environment, together with your
> script, in the temp directory. Getting the source means browsing the
> temp folder :)

It's even easier than that. The executable created has an option
--eee-justextract, which will extract the whole thing in the current
directory...

Guillaume.

> Cheers,
> V.-
> --
> http://www.braveworl...
>
> ____________________________________________________________________
> http://www.f... - äùñåÜí õðçñåóßá çëåêôñïíéêïý ôá÷õäñïìåßïõ.
> http://www.f... - free email service for the Greek-speaking.
>
>

James Herdman

3/29/2006 1:58:00 PM

0

Thanks for the link dseverin! Definitely add to my to-do list.

James H.

Bill Barnhill

3/29/2006 2:01:00 PM

0

Good to know, thanks :)I know there are Java bytecode obfuscators, anyone working on somethingsimilar for YARV?On 3/29/06, Guillaume Marcais <guslist@free.fr> wrote:>> Le 29 mars 06, ? 07:59, Damphyr a ?crit :>> > Bill Barnhill wrote:> >> Yes and no.> >> There is Rubyscript2exe:> >> http://www.erikveen.dds.nl/rubyscript2exe/inde... >> That said suspect it would not be too hard to hack into the exe and> >> retrieve> >> the script, as I believe it stores the script text and then> >> interprets it> >> using an embedded interpreter. I think any language that's> >> interpreted will> > Well, in this case it's not exactly hard, it's more like childlike> > easy:> > rubyscript2exe untars the whole ruby environment, together with your> > script, in the temp directory. Getting the source means browsing the> > temp folder :)>> It's even easier than that. The executable created has an option> --eee-justextract, which will extract the whole thing in the current> directory...>> Guillaume.>> > Cheers,> > V.-> > --> > http://www.braveworld.ne... >> > ____________________________________________________________________> > http://www.f... - d??e?? ?p??es?a ??e?t??????? ta??d??µe???.> > http://www.f... - free email service for the Greek-speaking.> >> >>>>

graham

3/29/2006 3:01:00 PM

0

> I know there are Java bytecode obfuscators, anyone working on something
> similar for YARV?

People seem to want a compiler for 2 reasons
a) improved performance
b) securing their source

a) could be addressed by YARV, as previously commented
b).. is it possible to do something simple like encrypt the source file
and have ruby decypt the file "on-the-fly" as it reads it at run-time? The
encryption key could be client specific and hence the code secure. I guess
it would need Ruby VM to have a new command line mode (i.e. "start-up on
the fly decryption - and here is my certificate"), and the source to be
encypted / packed by something like rubyscript2exe

Would this make a worthwhile quiz??
Graham

graham

3/29/2006 4:14:00 PM

0


> Now if you modify the Ruby interpreter and do not release the source of
> it, it can be as obfuscated as you can make the decryption piece in the
> binary of your new interpreter. As soon as someone figure out your
> encryption scheme, he/she can compile a ruby interpreter of their own to
> spit out the code just before it is executed...
>
Well PGP is available as source - and it seems to provide pretty
encryption via the use of certificates. Sure you could alter the
interpreter to save the source before execution - but that would only help
if you were an authorised user with a valid certificate to run the
encrypted codebase - and if you had this - why would you want to pirate
the source anyway as you had already "bought" it?

Graham

Guillaume Marcais

3/29/2006 4:51:00 PM

0

Le 29 mars 06, à 11:04, graham a écrit :

>> I know there are Java bytecode obfuscators, anyone working on
>> something
>> similar for YARV?
>
> People seem to want a compiler for 2 reasons
> a) improved performance
> b) securing their source
>
> a) could be addressed by YARV, as previously commented
> b).. is it possible to do something simple like encrypt the source
> file and have ruby decypt the file "on-the-fly" as it reads it at
> run-time? The encryption key could be client specific and hence the
> code secure. I guess it would need Ruby VM to have a new command line
> mode (i.e. "start-up on the fly decryption - and here is my
> certificate"), and the source to be encypted / packed by something
> like rubyscript2exe
>
> Would this make a worthwhile quiz??

There are already been discussion about this on some schemed proposed.
But it usually didn't take very long for some clever people to write a
script to decrypt to program and spit it out. It probably isn't
possible to make something hard to figure out without modifying the
interpreter itself, as if you stay in pure Ruby, the code is decrypted
at some point and thanks to Ruby's dynamic properties, you can always
add some code at that very point.

Now if you modify the Ruby interpreter and do not release the source of
it, it can be as obfuscated as you can make the decryption piece in the
binary of your new interpreter. As soon as someone figure out your
encryption scheme, he/she can compile a ruby interpreter of their own
to spit out the code just before it is executed...

Guillaume.