Encrypted Logging in python
koranthala at gmail.com
koranthala at gmail.com
Fri Jan 9 08:02:16 EST 2009
On Jan 9, 3:16 pm, Steven D'Aprano <st... at REMOVE-THIS-
cybersource.com.au> wrote:
> On Fri, 09 Jan 2009 00:21:09 -0800, koranthala wrote:
> > I was wondering if there is a mechanism to encrypt logging automatically
> > in python.
> > The issue is as follows:
> > (a) An application (after py2exe) will go as executable and there
> > is no need for the user to know that it is written in python. If an
> > exception occurs and it is logged, then the user can understand it is
> > written in python.
> > (b) A security threat. If an exception occurs, the code is seen by
> > the user - and possibly be misused.
>
> Security by obscurity is not security. If your application isn't secure
> against people who know what language is written in, then it isn't secure.
>
> --
> Steven
I understand that completely.
My point is that even though I can try to make the application
completely secure - I can never be sure of that. Especially if your
company is a very small one - and might not be able to have the best
programmers around. So, another layer of security - even security
through obscurity - can give that bit extra time in which the bugs in
the system can be ironed out.
Also, what I am asking is a generic option in logging - which can help
the adoption of the logging framework in even closed source systems.
It is not just about security - just that a closed source company
might be much more comfortable in using the system if crypt is there.
More information about the Python-list
mailing list