lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


It was thus said that the Great steve donovan once stated:
> On Sun, Sep 15, 2013 at 1:14 PM, Thijs Schreijer
> <thijs@thijsschreijer.nl> wrote:
> > Have a look at squish [1], it packs and minifies, and has options to also replace long names with short ones. So maybe not intended as obfuscation, it might be useful as such.
> 
> That's a good answer. Nothing puts a person off looking at bytecode
> dissembly faster than short meaningless variables.
> 
> Decrypt-on-the-fly works as well, if you can keep the key private.

  This is more of an accidental result, but for a program at work (The
Kitchen Sink Lua interpreter), I embedded all the modules required to run
our scripts (mainly used for testing) into a single executable (so the only
thing needed to be installed is the executable and possible script(s) to
run).  For the Lua-based modules, I first compile them into bytecode (using
luac---development and testing run the same platform), then compress (using
libz) and create a .C file with the resulting byte code that is compiled
into the main executable [1].

  I think this would be enough to stop all but the most dedicated, and,
aside from the bare module names (such as "LuaXML_lib") it might not even be
apparent Lua is embedded and used.

  -spc

[1]	Basically, what I described here:

	http://boston.conman.org/2013/03/23.1

	only with a decompression step when loading the Lua based modules.