Great minds think alike.  Coincidentally, my wife came to the same
conclusion last night, and she's not even in the industry.

"David Garamond" <lists / zara.6.isreserved.com> wrote in message
news:40BEFB85.8050003 / zara.6.isreserved.com...
> Daniel Berger wrote:
> > Philipp Kern <trash / philkern.de> wrote in message
news:<slrncbrv95.qmp.trash / o2.net.philkern.de>...
> >
> >>On 2004-06-02, Daniel Berger <djberg96 / hotmail.com> wrote:
> >>
> >>>ruby -e 'require
"crypt/fog";eval(Crypt::Fog.decrypt(IO.readlines("cfoo.rb").to_s.chomp,44))'
> >>
> >>And how do you obfuscate the salt? Because that's the problem we try to
deal
> >>with. As soon as you call the decrypter you need the password available.
> >>
> >
> > 1) Put above code in file
> > 2) chown root file
> > 3) chmod 700 file
>
> Sorry, but this is getting sillier and siller :-)
>
> The original problem is to obfuscate Ruby code against end users, which
> will have full control to the application, their machine, and the whole
> filesystem.
>
> For the above to work, you'll have to distribute your software as in
> ASP/rented fashion, not shrink-wrapped. In this case, you don't need
> obfuscation anyway.
>
> -- 
> dave
>
>