How to protect python code ?

David Bolen db3l at fitlinxx.com
Mon Apr 7 13:24:14 EDT 2003 

msw <markscottwright at hotmail.com> writes:

> I think it ought to be relatively easy to distribute a hacked version
> of the python interpreter with your application that substitutes the
> standard "import" code with code that first looks for .pys files (or,
> what the hell, .tcl - let's not make this any easier) that are
> des-encrypted .py files.  Compilation to .pyo would have to be
> disabled, which would increase start-up time.  The hacked interpreter
> (it's pretty easy to embed the python interpreter in your
> application), could also check some sort of hardware token before
> starting.  I have no idea if this would violate python's license.

No real need to hack the Python interpreter proper for this if you
don't want.  Most packaging tools will have some sort of front end
code that they use to create the final exe that you ought to be able
to tune to your liking.  And you'd need to use a packaging tool or
else someone could just download the standard Python interpreter and
avoid your modified version entirely.

For example, with Gordon McMillan's Installer, there is a run.exe or
runw.exe that is prepended to the resulting executable, and source is
included.  So you could tweak that loader to do whatever you might
like prior to handing control over to the interpreter.  Likewise, the
import handling code can be adjusted if you'd like to have it do more
strenuous checking or decoding of the packaged files.

I know that I'm considering following this path as a minor adjustment
to the tool to permit a single Python runtime environment to exist for
multiple packaged applications.

> But unfortunately, if anyone's done this, you'll never find out about
> it on c.l.p.  :-)

I don't see that anyone here would have any objections to sharing this
information if it had been done.  It may actually be the case that
nobody has needed to yet, or that they have found the existing tools
suitable - for example, just packaging the application up as an
executable may be considered a reasonable level of protection against
casual snooping.

--
-- David
-- 
/-----------------------------------------------------------------------\
 \               David Bolen            \   E-mail: db3l at fitlinxx.com  /
  |             FitLinxx, Inc.            \  Phone: (203) 708-5192    |
 /  860 Canal Street, Stamford, CT  06902   \  Fax: (203) 316-5150     \
\-----------------------------------------------------------------------/

More information about the Python-list mailing list