Controlling who can run an executable

Cigar chrisgarland67 at hotmail.com
Tue Oct 4 05:10:22 CEST 2005


I am developing a program for a client.  She runs a shop where her
clients bring in items for sale or short term buyback.  Development of
the program has been going great but she's mentioned that there is a
'feature' coming up in the next couple of weeks that she'd like me to
implement that has me a bit worried.

My client has told me a story of how she hired someone from a competing
store and that person had brought a copy of the program her competition
was using to track clients and transactions.  He couldn't demonstrate
the program for one reason or another because it was protected in a way
that neither could circumvent. (She didn't remember how it was
protected, she had hired this person a long time ago.)

Now that I'm three months into the development of this program, my
client tells me she would like to protect her investment by preventing
her employees from doing the same to her.  (Going to the competition
and using her program.)

What my client cannot prevent:
- access to the .exe

What my client is looking to prevent:
- running of the exe by un-authorized individuals.

Ideas I've had to prevent someone from running the app:
- ask for a password every time the program is run. (I wonder how
quickly they will complain about this, not very secure once everyone
eventually finds out what the password is)
- make a little hardware dongle and check to see if it's on the
parallel port. (old idea)
- check for an encrypted flash drive and try to read an encrypted file
from it. (new idea)
- buy the client a Microsoft Fingerprint Keyboard and figure out if it
will make the clients life easier (two minutes of research showed this
idea has multiple problems)

What I want:
- the simplest thing that could possibly work!

I guess my problem isn't really a python problem.  This is a scenario
that any developer in any language might face where an executable
should only be run by approved individuals.

c.l.p searches I've tried:
'protecting code' - details how to make python files 'unreadable'
'preventing execution' - best one here details encrypting a root
password

Thanks




More information about the Python-list mailing list