How to protect Python source from modification

Bryan Olson fakeaddress at nowhere.org
Tue Sep 13 22:45:20 CEST 2005


bruno modulix wrote:
 > Frank Millman wrote:
 >>I am writing a multi-user accounting/business system. Data is stored in
 >>a database (PostgreSQL on Linux, SQL Server on Windows). I have written
 >>a Python program to run on the client, which uses wxPython as a gui,
 >>and connects to the database via TCP/IP.
 >>
 >>The client program contains all the authentication and business logic.
 >>It has dawned on me that anyone can bypass this by modifying the
 >>program.
 >
 > If your program relies on a RDBMS, then it's the RDBMS job to enforce
 > security rules.

Don't know enough about Millman's app to comment on it
specifically, but many reasonable server-side applications use a
single log-in to the database, then enforce security in the
application server. Web shopping-carts, for example, generally
work that way.


-- 
--Bryan



More information about the Python-list mailing list