-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

| Could one not modify the source of the Ruby interpreter to
| load a public key and then only accept code encrypted with
| the equivalent private version?  Would this provide
| adequate protection, or does it only mean

If the code is encrypted, how are you going to decrypt it?

I think you have your key types mixed up.  It's the public
key that can encrypt and the private key that can decrypt.

There are two applications for public/private keys as far as
i can see here:

~  1) Use the private key to SIGN the file (it is still a
~     cleartext ruby script) and you can verify where it came
~     from.  This is not what you want.  e.g. if you are
~     accepting code via a web interface and you want to
~     ensure it's from a trusted source before running it,
~     you can set up those trusted sources before hand and
~     verify the signature.

~  2) Hack the ruby executable to contain the PRIVATE key and
~     the PASSPHRASE so that it can decrypt something
~     encrypted with the PUBLIC key.  But
~     you don't want to do this.

Number 2 gives you the effect you want, but it certainly
isn't something you want to do.  You may as well post your
private key and passphrase on your homepage.

And like everyone's already said, unless ruby doesn't have
to decrypt it, you're still screwed.  Not only will they
have your private key and passphrase, they can also watch
ruby decrypt it and get the source anyways.

hell... truss would be the only "hacker tool" you need :)

Regs, Derek
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD8DBQFDBf7CwwHFeC88e2IRAipuAJ9gm1ild21NhJuH3z/D41acKPvJygCeJJMY
SoCgPC9jm0iFMQGnH8vf4HY=
=o70E
-----END PGP SIGNATURE-----