Well there are several aspects to this, I want to protect the code from
being read, from being modified and from internal attacks.
I could use the file system permissions but its always vunrable to at
least one person. This normally would not be a problem but we are
dealing with sensative data.
We can make the encrypt key in the interpreter hard to find, not
impossible, but much more secure than having open source code.
Leslie V. wrote:
On 5/22/06, Kris email@example.com wrote:
It would take a higher skill set to extract it though.
And you can write code that helps hide a key in a binary file.
So is it possible to write a C extension that overrides the ruby require
in the same way as the previous ruby example?
Sorry to be a whiner, but can’t you put the key in a file only readable
by the person who should be able to read it? Ie. manage your key
security using your OS’s security. Then you can also encrypt your
key file with a password the user has to enter if you like. This is how
SSH handles private keys.
Or are you trying to obfuscate a Ruby program?
It sounds like you are prepared to go to a lot of effort to create a
weak encryption system, which would be a shame.