Reputation: 25996
My Ruby on Rails app of course contains all business logic and algorithms, and if I install this on a customer's server, then they can read my source code, which I want to keep as secret as possible to protect my business.
PHP has several tools which can take the PHP project and encode it into bytecode, which is exactly what I would like to be able to do for Ruby on Rails.
There are several Ruby on Rails packers, which just bundle it all into an executable, but the plain Ruby source code is still in there.
Question
How to protect your Ruby on Rails source/product when it is installed on a customer's server?
Upvotes: 3
Views: 1087
Reputation: 369468
It is impossible to encode code in such a way that a machine can execute it, but a human cannot read it. In order for your customers to run the code, the CPU must understand the code. CPUs are much, much stupider than humans, so if a CPU can understand the code, then a human can, too.
The only way to protect your code is to not give it away. Host the app on your own premises and rent access to it out as a service.
Note that reading your code is illegal, so what makes you think that somebody who has no problem with going to prison to get access to your secrets is going to get stopped by some encoding that can be reverse-engineered anyway? (Note that even if they have the un-encoded source code, they still need to reverse-engineer it anyway, since without access to your source repository and design documents, they have no idea why the code is written the way it is.)
Also, for someone who has no problem breaking the law, bribing one of your employees who knows how the code works is going to be much easier than reverse-engineering the code.
There is no general bytecode format for Ruby. There are several different Ruby implementations, some of them have a bytecode format, some don't. E.g. Opal is a compiler that outputs ECMAScript, no bytecode involved. XRuby was a compiler for the JVM, but it is abandoned. Ruby.NET was a compiler for .NET, but it is abandoned. JRuby is an implementation for the JVM that also includes a compiler. YARV, MRuby, and Rubinius have different, incompatible bytecode formats; some of those implementations allow loading bytecode from disk, some don't.
Upvotes: -2
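To check what a bytecode-only build would still expose, the following added example (not part of the original answer) compiles a constructed snippet to YARV bytecode and inspects the result. It assumes MRI/CRuby 2.3 or later, where `RubyVM::InstructionSequence` offers `to_binary` and `load_from_binary`; the sample source, the method name `license_ok?` and the helper names are all made up for illustration.

```ruby
# Added illustration: compile Ruby to YARV bytecode (MRI only) and list what
# someone holding only the bytecode file can still read from it.

# Constructed sample standing in for proprietary logic with an embedded secret.
SAMPLE_SOURCE = <<~RUBY
  def license_ok?(key)
    key == "constructed-sample-key-1234"
  end
RUBY

# Serialize to the binary form that MRI can later load from disk.
def compile_to_bytecode(source)
  RubyVM::InstructionSequence.compile(source).to_binary
end

# Equivalent of running `strings` on the file: printable ASCII runs in the blob.
def printable_strings(blob, min_len = 4)
  blob.b.scan(/[\x20-\x7e]{#{min_len},}/)
end

# Which of the given identifiers/literals survive compilation in clear text.
def recovered_names(blob, candidates)
  strings = printable_strings(blob)
  candidates.select { |name| strings.any? { |s| s.include?(name) } }
end

# MRI's own disassembler turns the blob back into a readable instruction listing.
def disassemble(blob)
  RubyVM::InstructionSequence.load_from_binary(blob).disasm
end

if __FILE__ == $PROGRAM_NAME
  blob = compile_to_bytecode(SAMPLE_SOURCE)
  puts "bytecode size: #{blob.bytesize} bytes"
  puts "readable in the raw bytes:"
  puts recovered_names(blob, ["license_ok?", "constructed-sample-key-1234"])
  puts "disassembly:"
  puts disassemble(blob)
end
```

Method names and string literals remain in clear text, and the control flow is visible in the disassembly, so secrets such as keys or salts should not be embedded in code shipped this way.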
Reputation: 5129
There are a few Ruby code obfuscators that you couple with a packer to produce something that is at least reasonably hard to reverse-engineer.
If protecting your code is a business need, you might want to try RubyEncoder, a commercial product designed to do exactly what you want. (disclaimer: I didn't)
Note that if secrets in your code are that important to you, you might want to make it a service (e.g. a Web service) that your customer accesses instead of code you deploy on their systems. But that's an option that may not be viable (or desirable) for you for a zillion different reasons…
Upvotes: 4