When writing a interpreter extension are there any hooks in to the
different stages of interpretation?
In particular I would like to pre-process the ruby file/class being
interpreted. Is a ruby class block loaded from a file or read line by
line?
Many thanks, K.
On May 19, 2006, at 6:28 AM, Kris wrote:
When writing a interpreter extension are there any hooks in to the
different stages of interpretation?In particular I would like to pre-process the ruby file/class being
interpreted. Is a ruby class block loaded from a file or read line by
line?
Override require.
–
Eric H. - [email protected] - http://blog.segment7.net
This implementation is HODEL-HASH-9600 compliant
Many thanks Eric, do you have a code example by any chance to get me
started, I’m not so familiar with C!
Eric H. wrote:
On May 19, 2006, at 6:28 AM, Kris wrote:
When writing a interpreter extension are there any hooks in to the
different stages of interpretation?In particular I would like to pre-process the ruby file/class being
interpreted. Is a ruby class block loaded from a file or read line by
line?Override require.
–
Eric H. - [email protected] - http://blog.segment7.net
This implementation is HODEL-HASH-9600 compliant
On May 19, 2006, at 10:50 AM, Kris wrote:
line?
Override require.
Many thanks Eric, do you have a code example by any chance to get me
started, I’m not so familiar with C!
You don’t need to write any C at all. Write it in Ruby.
–
Eric H. - [email protected] - http://blog.segment7.net
This implementation is HODEL-HASH-9600 compliant
On May 19, 2006, at 2:59 PM, Eric H. wrote:
line by
Eric H. - [email protected] - http://blog.segment7.net
This implementation is HODEL-HASH-9600 compliant
For example:
module Kernel
alias old_require require
def require(file)
# first check if it’s already been required by searching
$LOADED_FEATURES
# Search $LOAD_PATH for the file
if it’s an .rb file then
File.open(full_path_and_filename) do |f|
# Preprocess f and if neccessary do any changes and eval them
end
# add the file to $LOADED_FEATURES
else
old_require(file)
end
end
end
Quoting [email protected], on Mon, May 22, 2006 at 12:29:24AM
+0900:
Thanks for the reply.
The problem with doing it in Ruby is that there is no where to hide the
decryption key… It would be in plain text, unless I’m am missing
something?
Doing it in compiled C would leave it in plain text, too, just mildly
more obfuscated.
Sam
Thanks for the reply.
The problem with doing it in Ruby is that there is no where to hide the
decryption key… It would be in plain text, unless I’m am missing
something?
Logan C. wrote:
On May 19, 2006, at 2:59 PM, Eric H. wrote:
line by
Eric H. - [email protected] - http://blog.segment7.net
This implementation is HODEL-HASH-9600 compliantFor example:
module Kernel
alias old_require requiredef require(file)
# first check if it’s already been required by searching
$LOADED_FEATURES
# Search $LOAD_PATH for the file
if it’s an .rb file then
File.open(full_path_and_filename) do |f|
# Preprocess f and if neccessary do any changes and eval them
end
# add the file to $LOADED_FEATURES
else
old_require(file)
end
end
end
It would take a higher skill set to extract it though.
And you can write code that helps hide a key in a binary file.
So is it possible to write a C extension that overrides the ruby require
in the same way as the previous ruby example?
Many thanks, K.
Sam R. wrote:
Quoting [email protected], on Mon, May 22, 2006 at 12:29:24AM
+0900:Thanks for the reply.
The problem with doing it in Ruby is that there is no where to hide the
decryption key… It would be in plain text, unless I’m am missing
something?Doing it in compiled C would leave it in plain text, too, just mildly
more obfuscated.Sam
On 5/22/06, Kris [email protected] wrote:
It would take a higher skill set to extract it though.
And you can write code that helps hide a key in a binary file.So is it possible to write a C extension that overrides the ruby require
in the same way as the previous ruby example?
Sorry to be a whiner, but can’t you put the key in a file only readable
by the person who should be able to read it? Ie. manage your key
security using your OS’s security. Then you can also encrypt your
key file with a password the user has to enter if you like. This is how
SSH handles private keys.
Or are you trying to obfuscate a Ruby program?
It sounds like you are prepared to go to a lot of effort to create a
weak encryption system, which would be a shame.
Les
Well there are several aspects to this, I want to protect the code from
being read, from being modified and from internal attacks.
I could use the file system permissions but its always vunrable to at
least one person. This normally would not be a problem but we are
dealing with sensative data.
We can make the encrypt key in the interpreter hard to find, not
impossible, but much more secure than having open source code.
Leslie V. wrote:
On 5/22/06, Kris [email protected] wrote:
It would take a higher skill set to extract it though.
And you can write code that helps hide a key in a binary file.So is it possible to write a C extension that overrides the ruby require
in the same way as the previous ruby example?Sorry to be a whiner, but can’t you put the key in a file only readable
by the person who should be able to read it? Ie. manage your key
security using your OS’s security. Then you can also encrypt your
key file with a password the user has to enter if you like. This is how
SSH handles private keys.Or are you trying to obfuscate a Ruby program?
It sounds like you are prepared to go to a lot of effort to create a
weak encryption system, which would be a shame.Les
On 5/22/06, Kris L. [email protected] wrote:
Well there are several aspects to this, I want to protect the code from
being read, from being modified and from internal attacks.I could use the file system permissions but its always vunrable to at
least one person. This normally would not be a problem but we are
dealing with sensative data.We can make the encrypt key in the interpreter hard to find, not
impossible, but much more secure than having open source code.
Try to do this. I bet I could break it in 10 minutes.
But against the average person it might work. But the average person
is not your problem…
Ryan
In any case how would you go about securing ruby code or do you think it
is not possible? Is no code secure?
By reading the key from the binary or reading the un-encrypted code from
memory?
Ryan L. wrote:
On 5/22/06, Kris L. [email protected] wrote:
Well there are several aspects to this, I want to protect the code from
being read, from being modified and from internal attacks.I could use the file system permissions but its always vunrable to at
least one person. This normally would not be a problem but we are
dealing with sensative data.We can make the encrypt key in the interpreter hard to find, not
impossible, but much more secure than having open source code.Try to do this. I bet I could break it in 10 minutes.
But against the average person it might work. But the average person
is not your problem…Ryan
The use case can’t be changed, it would need to be secure code… At the
moment I dont see any language that offers this, Java and .NET make
bytecode which is easily reversed. There are obsfucator’s but I dont
think they provide much protection just a layer against casual file
browsing. PHP’s obsfucator’s are easily reversed with online services.
Do you not think a binary offers protection for code…? You can’t
reverse to code anyway. It whole ruby code base was kept in the binary
and ran inline, like embedded ruby this might offer real protection…
It would need to be encrypted inside the binary.
Kris L. wrote:
dealing with sensative data.
We can make the encrypt key in the interpreter hard to find, not
impossible, but much more secure than having open source code.
Try to do this. I bet I could break it in 10 minutes.But against the average person it might work. But the average person
is not your problem…Ryan
Haha, you really don’t want to go down this road. If you can’t
accomplish what you are trying to do with proven cryptographic security
primitives, then you should probably change the use case. Security
through obscurity is really a waste of everyones time. Even if you make
it quite difficult for people to figure out, it only takes one person to
do the work and then everyone can take advantage of the crack.
-Jeff
The use case can’t be changed, it would need to be secure code…
Then the prerequisite would be secure hardware. It’s not possible to
safely encrypt code purely in software.
You’ve not explained why you think that code hidden inside a compiled
binary is safe. It might be just a tad more difficult to extract than
from a script, but it doesn’t make sense to distinguish between sorta
safe and a little bit more safe.
Maybe you need to describe the use case in more detail.
-tim
On 5/22/06, Kris L. [email protected] wrote:
By reading the key from the binary or reading the un-encrypted code from
memory?
Yep.
There is work being done to create a Ruby obfuscator by Ryan D. and
Eric H.:
http://blog.zenspider.com/archives/2006/03/obfuscated_hack.html
It is part of the RubyToC project. That may be your best bet.
Ryan
On 5/22/06, Kris L. [email protected] wrote:
Mainly I want to be able to sell ruby/rails applications without doing a
hosted only solution (like basecamp), if I was 37signals I would want to
sell the application as you would desktop software…
That doesn’t really explain why you want to encrypt code:
if people copy your software illegally, they can do so whether the
source code is available or not.
if the code you want to release is so incredibly ingenius that
people will want to illegally steal your IP to integrate into their
own software, you can a.) sue them b.) get a patent (US only) c.) a
little bit of obfuscating won’t keep them out anyhow.
-tim
Mainly I want to be able to sell ruby/rails applications without doing a
hosted only solution (like basecamp), if I was 37signals I would want to
sell the application as you would desktop software…
The ruby obsufcator looks good but it may never work with Rails… it
doesn’t at the moment. 
Its an application that deals with highly sensitive data, I dont want
insiders to be able to write a bit of ruby and dump the data to
file/screen…
Tim B. wrote:
On 5/22/06, Kris L. [email protected] wrote:
Mainly I want to be able to sell ruby/rails applications without doing a
hosted only solution (like basecamp), if I was 37signals I would want to
sell the application as you would desktop software…That doesn’t really explain why you want to encrypt code:
if people copy your software illegally, they can do so whether the
source code is available or not.if the code you want to release is so incredibly ingenius that
people will want to illegally steal your IP to integrate into their
own software, you can a.) sue them b.) get a patent (US only) c.) a
little bit of obfuscating won’t keep them out anyhow.-tim
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs