<div><span class="gmail_quote">Hi,<br><br>On 9/6/07, <b class="gmail_sendername">Benjamin Tolputt</b> <<a href="mailto:bjt@pmp.com.au">bjt@pmp.com.au</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Vlad Dumitrescu wrote:<br>> Why would beam files more securely protected if packed in a zip<br>> archive as compared to unpacked in a directory?<br>It is not so much "securing" the beam files from people as to stop them
<br>"replacing" the beam files easily. In an encrypted zip (or better yet,<br>appended to a protected executable) the "core" beam files used at the<br>"low level" of Erlang can be protected from "easy" replacement by casual
<br>users.<br><br>> There is already a mechanism to encrypt the debug_info data that might<br>> be included in the beam files. I suppose it would be relatively easy<br>> to do the same with the actual beam code and decrypt at load time.
<br>This is talking about something completely different. I am not<br>particularly worried about the byte-code being readable. It is more<br>about making it hard for them to be changed (which I realize is somewhat<br>the opposite of an Erlang advantage we all like).
</blockquote><div><br>Erm, if the byte-code is encrypted, how would you replace a beam file with a different one without breaking the encryption?<br><br>If the encryption is broken, then it feels about just as easy to replace a file in the file system or in a zip archive.
<br><br>One could also use separate schemes to ensure it's difficult to tamper with data, like for example storing the MD5 signature of files somewhere.<br><br>regards,<br>Vlad<br><br></div></div>