Is it possible to run a Rails application from embedded ruby? I''m thinking of replacing dispaches with a C application which will then call the normal Rails dispaches and so on... Is this do-able? Many thanks, Kris. -- Posted via http://www.ruby-forum.com/.
It is... and it is great. here is the way I did it in my script, it works fine for what I need... #!/appl/ruby/bin/ruby require ''rubygems'' require_gem ''activerecord'' require_gem ''activesupport'' # need the require for all the models you use... for example require ''../app/models/command.rb'' require ''../app/models/server.rb'' require ''../app/models/ip.rb'' require ''../app/models/interface.rb'' <rest of your program here... as if you were in a rail application> I hope this helps and works for you. Kris wrote:> Is it possible to run a Rails application from embedded ruby? > > I''m thinking of replacing dispaches with a C application which will then > call the normal Rails dispaches and so on... > > Is this do-able? > > Many thanks, Kris. > >
Thanks for the reply. That has given me hope! It would be great to know a bit more information, even off the list... I don''t quite get how it works? Stephane Fourdrinier wrote:> It is... and it is great. > > here is the way I did it in my script, it works fine for what I need... > > #!/appl/ruby/bin/ruby > > require ''rubygems'' > require_gem ''activerecord'' > require_gem ''activesupport'' > # need the require for all the models you use... for example > require ''../app/models/command.rb'' > require ''../app/models/server.rb'' > require ''../app/models/ip.rb'' > require ''../app/models/interface.rb'' > > <rest of your program here... as if you were in a rail application> > > I hope this helps and works for you.-- Posted via http://www.ruby-forum.com/.
Does the C application need to be a HTTP server which forwards HTTP
requests to Rails dispaches using embedded ruby interpreter?
#include "ruby.h"
main() {
ruby_init();
ruby_script("embedded");
rb_load_file("dispatch.rb");
while (1) {
if (need_to_do_ruby) {
ruby_run();
}
}
}
--
Posted via http://www.ruby-forum.com/.
I didn''t realize it was from inside a C application. I thought it was from a ruby script. never done it from a C program. Kris wrote:> Thanks for the reply. That has given me hope! > It would be great to know a bit more information, even off the list... > > I don''t quite get how it works? > > > Stephane Fourdrinier wrote: > >> It is... and it is great. >> >> here is the way I did it in my script, it works fine for what I need... >> >> #!/appl/ruby/bin/ruby >> >> require ''rubygems'' >> require_gem ''activerecord'' >> require_gem ''activesupport'' >> # need the require for all the models you use... for example >> require ''../app/models/command.rb'' >> require ''../app/models/server.rb'' >> require ''../app/models/ip.rb'' >> require ''../app/models/interface.rb'' >> >> <rest of your program here... as if you were in a rail application> >> >> I hope this helps and works for you. >> > > >-------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060519/db9a3172/attachment-0001.html
Oh, I''m not clear enough... I basically want to run Rails through embedded ruby in a C app so that it can load encrypted ruby source and decrypt before loading it in to the interpreter... Possible? Stephane Fourdrinier wrote:> I didn''t realize it was from inside a C application. I thought it was > from a ruby script. never done it from a C program.-- Posted via http://www.ruby-forum.com/.
Kris wrote:> Oh, I''m not clear enough... > I basically want to run Rails through embedded ruby in a C app so that > it can load encrypted ruby source and decrypt before loading it in to > the interpreter... Possible?I''m sure it''s possible, but you''ll have more luck on the ruby-lang list than here, I''d have thought... Actually, thinking about it, you could probably do it entirely from Ruby if you wanted to. How critical is the security of the code you''d want to encrypt? Little Sister or Big Brother? -- Alex
Well I want to protect the intellectual property of my code. If they had to crack a binary to decrypt the code that would be enough... Any ideas? Alex Young wrote:> Kris wrote: >> Oh, I''m not clear enough... >> I basically want to run Rails through embedded ruby in a C app so that >> it can load encrypted ruby source and decrypt before loading it in to >> the interpreter... Possible? > I''m sure it''s possible, but you''ll have more luck on the ruby-lang list > than here, I''d have thought... > > Actually, thinking about it, you could probably do it entirely from Ruby > if you wanted to. How critical is the security of the code you''d want > to encrypt? Little Sister or Big Brother?-- Posted via http://www.ruby-forum.com/.
Kris wrote:> Well I want to protect the intellectual property of my code. If they had > to crack a binary to decrypt the code that would be enough...So basically, all you need is something to "keep the honest people honest". That''s easy enough.> Any ideas?Override Kernel#require with a method that checks first to see if the required file''s first line (or 20 bytes, or whatever) has a signature string to indicate that the remainder of the file is encrypted, and if so provide a $global_decryption_key for it to reference so that it can read the rest of the file, decrypt it and eval() the resulting string. If the signature string isn''t there, fall back to a standard require(). This isn''t particularly secure, for a couple of reasons: firstly, you''ve got to put the $global_decryption_key somewhere the app (and therefore your users) can get to it, and you''ve also got to provide the code that will do the decryption at runtime. A smart rubyist will quickly put two and two together. Secondly, the entire unencrypted source would be available if someone were to dump the core image of the running ruby process (I presume - I haven''t actually checked this, but it''s a safe assumption). Despite this, there''s really no way for them to "accidentally" get their hands on your code. If you''re set on a C decrypter for that little bit of extra obscurity, you could wrap one (along, I *think*, with the Kernel#require override) in a ruby extension which you could just require from environment.rb. I believe there''s a ruby obfuscator around (Eric? Are you out there?) that might help if they do get hold of your source, too. Maybe it''s just me, but this seems simpler than embedding the interpreter... but is it secure enough? -- Alex
Great reply Alex and it would work a treat if the decryption key was not in plain text. I am not so fussed about people getting the code from memory dumps, because at least they can''t modify the code.> If you''re set on a C decrypter for that little bit of extra obscurity, > you could wrap one (along, I *think*, with the Kernel#require override) > in a ruby extension which you could just require from environment.rb. > > I believe there''s a ruby obfuscator around (Eric? Are you out there?) > that might help if they do get hold of your source, too. > > Maybe it''s just me, but this seems simpler than embedding the > interpreter... but is it secure enough?Are you suggesting I overide require but instead of using Ruby I use compiled C, because if that is possible it would be the answer. As far as I know the ruby obsfucator will not work with Rails, I think it only works with a subset of ruby. Many thanks, Kris. Alex Young wrote:> Kris wrote: >> Well I want to protect the intellectual property of my code. If they had >> to crack a binary to decrypt the code that would be enough... > So basically, all you need is something to "keep the honest people > honest". That''s easy enough. > >> Any ideas? > Override Kernel#require with a method that checks first to see if the > required file''s first line (or 20 bytes, or whatever) has a signature > string to indicate that the remainder of the file is encrypted, and if > so provide a $global_decryption_key for it to reference so that it can > read the rest of the file, decrypt it and eval() the resulting string. > If the signature string isn''t there, fall back to a standard require(). > > This isn''t particularly secure, for a couple of reasons: firstly, > you''ve got to put the $global_decryption_key somewhere the app (and > therefore your users) can get to it, and you''ve also got to provide the > code that will do the decryption at runtime. A smart rubyist will > quickly put two and two together. Secondly, the entire unencrypted > source would be available if someone were to dump the core image of the > running ruby process (I presume - I haven''t actually checked this, but > it''s a safe assumption). Despite this, there''s really no way for them > to "accidentally" get their hands on your code. > > If you''re set on a C decrypter for that little bit of extra obscurity, > you could wrap one (along, I *think*, with the Kernel#require override) > in a ruby extension which you could just require from environment.rb. > > I believe there''s a ruby obfuscator around (Eric? Are you out there?) > that might help if they do get hold of your source, too. > > Maybe it''s just me, but this seems simpler than embedding the > interpreter... but is it secure enough?-- Posted via http://www.ruby-forum.com/.
Kris wrote:> Great reply Alex and it would work a treat if the decryption key was not > in plain text.The only requirement for the decryption key would be that it''s *somehow* available at launch time. If you''re feeling especially tricksy, you could make a request to a web service for the key (over SSL if necessary). The next step up would be to request today''s decryption key and the encryption key for tomorrow, and then re-encrypt the code to disk after require()ing it. That''s almost certainly overkill, but it does sound like fun :-)>>If you''re set on a C decrypter for that little bit of extra obscurity, >>you could wrap one (along, I *think*, with the Kernel#require override) >>in a ruby extension which you could just require from environment.rb. >> >>I believe there''s a ruby obfuscator around (Eric? Are you out there?) >>that might help if they do get hold of your source, too. >> >>Maybe it''s just me, but this seems simpler than embedding the >>interpreter... but is it secure enough? > > > Are you suggesting I overide require but instead of using Ruby I use > compiled C, because if that is possible it would be the answer.Everything I''ve read so far leads me to believe it''s possible. I''m looking at doing something very similar for a non-Rails project right now. -- Alex
Thats sounds like a good way to go about it! Is the non-rails project you are doing still ruby? If so I would be intrested in helping out or having a look at what you are doing if possible... Alex Young wrote:> Kris wrote: >> Great reply Alex and it would work a treat if the decryption key was not >> in plain text. > The only requirement for the decryption key would be that it''s *somehow* > available at launch time. If you''re feeling especially tricksy, you > could make a request to a web service for the key (over SSL if > necessary). The next step up would be to request today''s decryption key > and the encryption key for tomorrow, and then re-encrypt the code to > disk after require()ing it. That''s almost certainly overkill, but it > does sound like fun :-) > >> >> Are you suggesting I overide require but instead of using Ruby I use >> compiled C, because if that is possible it would be the answer. > Everything I''ve read so far leads me to believe it''s possible. I''m > looking at doing something very similar for a non-Rails project right > now.-- Posted via http://www.ruby-forum.com/.
Alex Young
2006-May-22 08:58 UTC
[Rails] Re: Re: Re: Re: Re: Running Rails from embedded Ruby
Kris wrote:> Thats sounds like a good way to go about it! > Is the non-rails project you are doing still ruby? If so I would be > intrested in helping out or having a look at what you are doing if > possible...It''s still ruby, but I can''t really talk about what it is yet. I''ll be releasing pertinent source, though, probably over the next couple of months. Thanks for the offer, though :-) -- Alex
Kris Leech
2006-May-22 09:53 UTC
[Rails] Re: Re: Re: Re: Re: Re: Running Rails from embedded Ruby
No problem, can I get your email address Alex so I can keep in touch? Mine is krisleech AT interkonect DOT com if you prefer to keep your address out of the forum... Alex Young wrote:> Kris wrote: >> Thats sounds like a good way to go about it! >> Is the non-rails project you are doing still ruby? If so I would be >> intrested in helping out or having a look at what you are doing if >> possible... > It''s still ruby, but I can''t really talk about what it is yet. I''ll be > releasing pertinent source, though, probably over the next couple of > months. Thanks for the offer, though :-)-- Posted via http://www.ruby-forum.com/.
Alex Young
2006-May-22 09:59 UTC
[Rails] Re: Re: Re: Re: Re: Re: Running Rails from embedded Ruby
Kris Leech wrote:> No problem, can I get your email address Alex so I can keep in touch? > Mine is krisleech AT interkonect DOT com if you prefer to keep your > address out of the forum... >It''s pretty well visible already on the mailing list :-) I''m at alex@blackkettle.org if you can''t see it. -- Alex