[Python-ideas] I have an encrypted python module format: .pye
Tim Delaney
timothy.c.delaney at gmail.com
Sat May 12 15:11:00 CEST 2012
On 12 May 2012 08:27, li wang <charlesw123456 at gmail.com> wrote:
> When a .pye is imported, python will check the environment variable
> PYTHONENCRYPT, if this environment variable is defined with non-blank
> value, the value is used to generate AES key and CBC initialize vector
> which will be used to encrypt .py and decrypt .pye.
>
As others have noted, this is essentially useless for protecting your code.
How do you set that environment variable on your customer's system, without
giving them the key they need?
You can erect a somewhat higher barrier by using Pyrex or Cython to compile
your modules to .pyd/.so. It's still quite possible to extract your logic
and/or patch around things, but it's a little harder.
The only reasonably secure method (again, as noted by others) is to not
have your code on the client machine e.g. using a web service for the
critical logic.
Tim Delaney
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ideas/attachments/20120512/2f69f358/attachment.html>
More information about the Python-ideas
mailing list