How to protect Python source from modification
peter at engcorp.com
Mon Sep 12 16:08:54 CEST 2005
Frank Millman wrote:
> I am writing a multi-user accounting/business system. Data is stored in
> a database (PostgreSQL on Linux, SQL Server on Windows). I have written
> a Python program to run on the client, which uses wxPython as a gui,
> and connects to the database via TCP/IP.
> The client program contains all the authentication and business logic.
> It has dawned on me that anyone can bypass this by modifying the
> program. As it is written in Python, with source available, this would
> be quite easy. My target market extends well up into the mid-range, but
> I do not think that any CFO would contemplate using a program that is
> so open to manipulation.
> The only truly secure solution I can think of would involve a radical
> reorganisation of my program
Please define what "truly secure" means to you.
I think you'll find that the only "truly secure" solution is to install
the critical authentication and business logic stuff that you want to
protect on a server to which the user does not have physical access.
People wanting to protect critical algorithms often conclude that they
need to have a "black box" server which cannot be physically opened by
Or do you think this issue is in some way unique to Python? You might
not realize that the only difference from a security point of view
between shipping such a program written in Python and one written in,
say, C++, is that "modifying the program" is somewhat more tedious with
C++. That's no better than security by obscurity; maybe it should be
called "security by adiposity". ;-)
But the real answer does depend a lot on *exactly* what kind of security
you want (or, ultimately, what it turns out you really need, once you've
clarified your thinking based on the feedback you do get here). Issues
like: are you more concerned about detecting changes, or in preventing
them in the first place? (the latter is much harder); what is the nature
of software that competes with yours? (is it really any more secure, or
only apparently so? maybe this is just a marketing issue); and is there
any intellectual property that you are trying to protect here, or are
you just interested in avoiding casual disruption of normal operation?
More information about the Python-list