D
Dominik Werder
Hello!
I'd like to write a lib which objects can only be used if the caller
has authenticated using username and password for example, sth like
that:
a = MyObject.new 'username', 'password' # returns instance is pass is
correct
a.doSpecialThings
I can assure that the source files can't be changed by setting file
permissions properly.
But how can I be sure that nobody can alter the class at runtime?
Is it sufficient to load potentially dangerous code with load('file',
true) ?
How can I prevent an attacker from reading the source where the
credentials must be stored somewhere? If ruby can read the source,
File.open can too, doesn't it?
Maybe it's not a good idea at all...
thank you for thinking about this
Dominik
I'd like to write a lib which objects can only be used if the caller
has authenticated using username and password for example, sth like
that:
a = MyObject.new 'username', 'password' # returns instance is pass is
correct
a.doSpecialThings
I can assure that the source files can't be changed by setting file
permissions properly.
But how can I be sure that nobody can alter the class at runtime?
Is it sufficient to load potentially dangerous code with load('file',
true) ?
How can I prevent an attacker from reading the source where the
credentials must be stored somewhere? If ruby can read the source,
File.open can too, doesn't it?
Maybe it's not a good idea at all...
thank you for thinking about this
Dominik