protection

I'm maintaining a Rails app that has content in the public/ folder that will now need to be protected by a login. We're considering moving those folders of files into a path outside of public/ and writing a Rails controller to serve up the content. Before we begin writing this, I was curious if anyone else has ran into this sort of problem? I looked for some gems / plugins that might already do this but didn't find anything. Has anyone created a gem for this? I've done this on a site where people pay to download certain files, and the files are stored in RAILS_ROOT/private . The first thing to

Some time ago, in my work I needed to protect some classes against other people to read the code. For that purpose, I created a EncryptedClassLoader, that loaded previously encrypted classes, and can load normal (not encrypted) classes as well. Working in that way was a little complicated, and testing too (compile, then encrypt, and then decrypt). Is there any free framework to do what I needed, and is easy to handle? I mean, not only obfuscate, but also encrypt the files, so none can read or debug that part of code. It would also be great that I can change the keys for encryption easily (in

On Linux I can dd a file on my hard drive and delete it in Nautilus while the dd is still going on. Can Linux enforce a mandatory file lock to protect R/W? To do mandatory locking on Linux, the filesystem must be mounted with the -o mand option, and you must set g-x,g+s permissions on the file. That is, you must disable group execute, and enable setgid. Once this is performed, all access will either block or error with EAGAIN based on the value of O_NONBLOCK on the file descriptor. But beware: "The implementation of mandatory locking in all known versions of Linux is subject to race conditions

In Java in the equals(Object o) method I can access the private variables of the passed in object without going through its public getters. public boolean equals(Object o){ ... MyObject other = (MyObject)o; return getProp() == other.prop; } How's that? Private data is accessible by any instance of that class, even if one instance of class A is accessing the private members of another instance of A. It's important to remember that that access modifiers (private, protected, public) are controlling class access, not instance access. The probable answer is that the designer of the visibility model

I intend to make some software to be sold over internet. I've only created open-source before, so I have really no idea of how to protect it from being cracked and distributed as warez. Bearing in mind that I know like two programms that aren't either cracked or not really useful I decided that the only more or less reliable way may look like this: Connect to a server and provide licensing info and some sort of hardware summary info If everything is fine, the server returns some crucial missing parts of the program bound to that certain pc along with the usage limit of say 2 days That crucial

I have a few contributors in my github project. I want to allow only one of them to "push" to master. And this guy is not me (the owner of the repository). Is it possible to do? Back then, when this question was posted, GitHub didn't allow you to specify access privileges on a branch level. You can only do it on a repository level. So what you are requesting wasn't possible. If you want to work around this limitation, I personally see two options: you could use some kind of commit hooks, etc. to at least inform someone that something wrong happened If you really need this tight control, you

A different question, i.e. Best .NET obfuscation tools/strategy , asks whether obfuscation is easy to implement using tools. My question though is, is obfuscation effective? In a comment replying to this answer , someone said that " if you're worried about source theft ... obfuscation is almost trivial to a real cracker ". I've looked at the output from the Community Edition of Dotfuscator: and it looks obfuscated to me! I wouldn't want to maintain that! I understand that simply 'cracking' obfuscated software might be relatively easy: because you only need to find whichever location in the