On Sun, Sep 15, 2013 at 4:43 PM, Dirk Laurie wrote:
2013/9/15 Jayanth Acharya :
> Based on my reading so far, Lua bytecode can be decompiled,
and the only Lua
> obfuscator, which is an online service, doesn't seem to
work for the simple
> 5 line Lua script I tried. It it right that obfuscation is
then not a
> meaningful way to protect proprietary Lua code and thus a
working tool
> doesn't exist to do so ?
You can strip the Lua source from the bytecode. The resulting
bytecode can
be disassembled but not decompiled. I've seen Lua packages
with strings
defined as a sequence of hex-coded bytes which are turned into
functions
by loading them.
You could go further and encrypt those strings, requiring a
password to
decrypt.
But really, if protecting proprietary code is you mission in
life, Lua is
not the ideal vehicle for you.
That's an excellent question that I have asked myself, and if I
have an option, then the answer is certainly a 'no'. I began
learning Lua for fun and out of curiosity while dabbling a little
with FreeSWITCH. None of this is part of my official charter (my
day job), where we go at great lengths in imagining that our
source-code is the most valuable asset and it needs to be
protected like national treasure! If I ever happen to start using
Lua at work, I am afraid, I might have to answer this question
about obfuscation, at one point or the other.
