> > >> Or if there is any way so that I can encrypt my code > >> without interrupting the execution of the application. > > If your client is determined to access your code even an encryption of > the Ruby source code will not be sufficient. In order for MRI to > interpret Ruby it must be decrypted. If the client has full access to > the system then this means that they also have access to the encryption > keys. > > This is the same issue that makes decrypting DVDs possible. The keys > must be available to the system performing the decryption. Now maybe > doing this will discourage a client from making the attempt, but if they > are determined then there's nothing stopping them from hiring someone to > "crack" your encryption. But, as I said it's not really cracking it > since the encryption keys exist in a location where the client has > access. >
Indeed, finding them in memory. I believe though that the requirement is to stop casual looking/tampering by the company's sysadmins rather than to stop a dedicated expert cracker. Cheers, Andy -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-t...@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
