Hi everybody, I would like to know, at the present time, in which ways I
can protect my ruby source code that is deployed on machine connected to
the Internet?
I googled a bit and found that I could compile the code to obtain a
bytecode but is it safe? I mean isn’t there a way to reobtain source
code starting from the bytecode?
Thanks in advance for your help.
On Wed, Feb 26, 2014 at 10:27 AM, Mario R. [email protected]
wrote:
Hi everybody, I would like to know, at the present time, in which ways I
can protect my ruby source code that is deployed on machine connected to
the Internet?I googled a bit and found that I could compile the code to obtain a
bytecode but is it safe? I mean isn’t there a way to reobtain source
code starting from the bytecode?Thanks in advance for your help.
Translating from source to bytecode is a one-way process – you can’t
get
the exact same source out from the bytecode. However, it can still be
fairly easy for someone to reverse-engineer the bytecode and get a gist
of
what the programmer intended the code to do.
You might have found information on JRuby in your search. JRuby normally
compiles Ruby into an intermediate form of bytecode and then executes
that;
but it can also take the extra step of compiling the intermediate
bytecode
into Java bytecode. Anecdotally, that’s supposed to give you a little
more security because it goes through multiple translations.
But the safest way to protect your code is just not to distribute it,
e.g.
hosting it all on the web. (I suppose even then, someone may have a
slight
chance of hacking the server it’s on and getting it out.)
Yes bytecode can be disassembled and it’s simpler than you think. If
security is an issue you will need to build your own server and employ
your
own policy on such matters.
Hi
I may be dumb as a Java-programmer, but would really like to know, what
kind of security-risk you try to protect against; just the list, like
that and that kind of evil or mischief…
Each time, that this kind of question arises, I feel like if I had
heard:
“theft of my intellectual property” and such. I hope, I am erring and
that we all know what a scripting-language is.
Never mind, I really was a Java-programmer.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs