Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:111988 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 11133 invoked from network); 2 Oct 2020 17:55:52 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 2 Oct 2020 17:55:52 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id AB725180532 for ; Fri, 2 Oct 2020 10:08:16 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Virus: No X-Envelope-From: Received: from mail-ot1-f43.google.com (mail-ot1-f43.google.com [209.85.210.43]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Fri, 2 Oct 2020 10:08:13 -0700 (PDT) Received: by mail-ot1-f43.google.com with SMTP id y5so2034164otg.5 for ; Fri, 02 Oct 2020 10:08:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Hb8V33gtrrifQCXHtnGmgvaEXYkJQCl6CKUk6v4CQY4=; b=gwVX4izms/HZLOMSNxhBxx/hYG31zuG00P7eFp1djgMtlBLiuNfIp2HDwBczqXWy6F NVJ2gDWwpaJ1/Bd4lhF38pRogA0avVZXrMuJNICHItv7nSXWg3aRzvfXb2uuSr2YVxU2 31H1ZDOVoZlm5xyM5HMSxPU29egf6AZckbixj5UOEvOeTSC9fUklNveQ1JHv7Atw9lMQ sruqHBksUC/CRaWg4C9mHaz6CzP0ltRSxi85619AUgJk9Y8PDzU4Ty/Rl+zKFIUf5lRH tcI8/AdkzGpPa/SJphtTZW2eRpsMYLgYRNIzxe2culbn7+tDBjNBdevxtjxzKUYUgmPY vLrQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Hb8V33gtrrifQCXHtnGmgvaEXYkJQCl6CKUk6v4CQY4=; b=E46vg7qgPICzrB3ef/9EJLj/SDezURXB7Zb4jFJI2Fdh+AshqfZFgM/B3+154rdn20 lQiwIGPrymCspL2bRbk38oV601zEZ42c3+PR883eRw8XJcdJTat0/l3aKYw5SZo/Owbt V2Wd4vJQrNnIkCG3plIpUeXwEKqP3lGxxnsu/++QMMEoMTYS3XH4v55aV3fMhqlN8jeK +K7AXuj4SIsKM7Ck75pHSvspojmaLZC/LYVKc9T7jeE5akne2Iui7/X+J6YUqXPRXcsc xxDOASWSn+TQJLTR+LQA7zzEvbFKqIheMWdtsHUvhd+4sc+bQNcoaaaxdtkhfxFiTDvm cPrA== X-Gm-Message-State: AOAM531oGJ/kE0zejKyMiv+7pCe3P1EgjVSCBCDWl6wYWEM5yVzWWcRP cF6ccDoAU3vqrN50/uErj78Gu22E5iKaAj4WN7w= X-Google-Smtp-Source: ABdhPJzcu3zo/PX+JHztslZE4lv3/Sp2l/Nm36utYlp2X9WPozRTAJyAQr0UN2jTPuBFh8Pk1v4MCvT3awEWWl3n2NQ= X-Received: by 2002:a05:6830:1241:: with SMTP id s1mr2295984otp.219.1601658489608; Fri, 02 Oct 2020 10:08:09 -0700 (PDT) MIME-Version: 1.0 References: <940131FA-19B3-406C-8982-0AD276FD1879@gmail.com> <142da816-f3bf-2f05-6147-ccd2117e1dfd@gmail.com> In-Reply-To: Date: Fri, 2 Oct 2020 14:07:54 -0300 Message-ID: To: Rowan Tommins Cc: PHP internals Content-Type: multipart/alternative; boundary="000000000000531e8105b0b32db3" Subject: Re: [PHP-DEV] RFC: execution opcode file without php source code file From: david.proweb@gmail.com (David Rodrigues) --000000000000531e8105b0b32db3 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hello folks, Instead of an opcode without a php source file, that I imagine is to protect the code itself, why not a method to encrypt phar files (not like a password). I do not know if exists a secure method to decrypt to execute only, without reveals the original source code, but maybe it could be done. So opcode could be generated based on encrypted phar to give more speed. Atenciosamente, David Rodrigues Em sex., 2 de out. de 2020 =C3=A0s 13:52, Rowan Tommins escreveu: > On Thu, 1 Oct 2020 at 16:13, Dik Takken wrote: > > > The only use case I see is to package commercial closed source > > applications as Docker containers. That allows the packager to ship the > > compiled code along with the exact PHP version and configuration that > > can run it reliably. > > > > > Could this not be achieved by freezing the existing OpCache file cache in= to > the Docker image and telling OpCache not to validate timestamps, so that = it > always loads from the cache? That way, your application wouldn't even nee= d > to be modified, as the require_once lines would still refer to the origin= al > source paths. > > Regards, > -- > Rowan Tommins > [IMSoP] > --000000000000531e8105b0b32db3--