This code demonstrate how to load sensitive code from encrypted files at runtime.
$ ruby sample.rb
Now, protect the sensitive code
$ ruby protect_sensitive.rb sensitive_methods.rb
- A
master.key
file will be generated sensitive_methods.rb
is encrypted intosensitive_methods.rb.enc
and renamed intosensitive_methods.rb.hidden
Run sample again :
$ ruby sample.rb
Remove, rename or corrupt the master.key
:
$ mv master.key master.key.skipped
Sensitive code is not loaded.
Now you can publish your code ignoring master.key
and *.hidden
files,
no one would run your sensitive code unless they have access to the master.key
The application code must be designed to work even if the sensitive code is not loaded