what's the best methode to crypt/encode the python code.

[Pete Shinners]

"vincent delft" <vincent_delft at yahoo.com> wrote
> I've written a Python code that check an application (registration
> into the DB, execution of commands, ...).  And I would like to put
> this code on the production machine. My problem is that some
> passwords and some private info are into the python code.

first, you definitely want the passwords info in a different
file than the actual code. overall, the best thing may be
to set no "read" access to the file for anyone but yourself.
i'm personally not sure how "secure" the windows file access
protection is, but if it does what it is supposed to, nobody
but you should be able to read the file.

it shouldn't be too hard to encrypt the password data. look
into the "rotor" module. one problem is that people can always
look into your python source to get the decryption "key".

perhaps this is a good idea (just came to me). create the
key programmatically, based on static file info, like full
path, creation time info, etc. this will make it a bit more
inconvenient just a simple string key. if someone does get
read access to your password file, they'll need a little
program of their own (likely cut&pasted from your original
source) to create the key for that file.

another quick benefit to that is, if someone makes their
own copy of your password file, its not going to work
anymore (since fullpath, creation time, etc, have changed)

that should do it. for better security, i guess no one
should have read access to the python script either.
(or at least the part of the python code that knows the
decoding key). but if you ever share that, they will have
all the info they need to get at your password. (again,
only if they can actually read the password file)


anyways, these are just ideas off the top of my noggin.
just to warn you i've never personally done anything that
needed security like this, so there may be some
unintentional backdoors here :/