#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    10
    Rep Power
    0

    How to kleep closed source? ( security problem )


    I am currenty working on a important project with my friends. I have to write gui client in python which needs to connect with onlin sql database. I would compile it with py2exe since that's the only way to make it runable for windows. I came to problem with keeping my program source closed, i heard that py2exe is easily reverse engineered.. If someone would do that on my program, then he would have access to database, which means failure(hacked). So how can i protect my python program compiled with py2exe? Or there is other way?

    All i need is keep my program source closed for users.

    Thanks in advance.
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2012
    Posts
    114
    Rep Power
    3
    (C)Python is an interpreted language: any way you distribute your program you're going to have to include either the Python source code or the bytecode (.pyc), which can be easily decompiled to source.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2007
    Location
    Joensuu, Finland
    Posts
    430
    Rep Power
    66
    In any case I think that if the security of your implementation is jeopardized merely by looking at the source code, you are doing it wrong.

    Comments on this post

    • Jacques1 agrees
    My armada: openSUSE 13.1 (home desktop, home laptop), Crunchbang Linux 11 (mini laptop, work laptop), Android 4.2.1 (tablet)
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Hi,

    I absolutely agree with SuperOscar. Don't misuse closed source to cover up poor programming or security holes.

    Your users already have database access through the application. If direct access gives them more possibilities, then this is your problem. You need to set the proper user permissions on your database server. Don't rely on your application to restrict the users.
  8. #5
  9. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Feb 2005
    Posts
    605
    Rep Power
    65
    One way is through source code obfuscation, see:
    http://en.wikipedia.org/wiki/Obfuscation_(software)
    Real Programmers always confuse Christmas and Halloween because Oct31 == Dec25

IMN logo majestic logo threadwatch logo seochat tools logo