[Q] how to protect python program from decompilation
Tim Peters
tim.one at home.com
Sun Feb 18 12:59:17 EST 2001
[Leonid Gluhovsky]
> The company I work for has a program written in Python, and wants to
> ship it to customers in such a way that even if the customers are Python
> gurus they will not be able to decompile Python bytecode and arrive at
> readable source.
>
> Is it possible?
Not a chance, but that's got little to do with Python. If you let me run
any code whatsoever on my box, I can get a trace of the CPU instructions
executed, and that suffices for reasonable reconstruction of the executed
paths in the source code given enough effort. If I know the code was
originally written in Python, or C, or C++, or Java, ..., it makes it that
much easier (because any given compiler is pretty consistent in the way it
generates code for various language constructs), but it isn't essential.
For example, it's easy to reconstruct your hierarchy of subroutines just by
noting when hardware call and return sequences occur, and from and to which
addresses.
The ironic thing is that the more obscure you try to make it, the more
crackers will consider it a worthy challenge to reverse-engineer it. Hiding
a thing in plain view can be more effective in the end!
> How to do it?
Look at it this way: a computer CPU only speaks French. You have some
technical text written in English, and your mgmt wants you to translate it
into French in such a way that nobody can get back an approximation to the
English you started with. Then they don't understand the technical issues
(perhaps they're under the illusion that *only* a CPU can understand
French), or they're on powerful drugs, or both. This is an exact analogy,
because French is such a low-level language <wink>.
any-language-without-"potato"-is-low-level-by-american-definition-ly
y'rs - tim
More information about the Python-list
mailing list