Python obfuscation
Steven D'Aprano
steve at REMOVETHIScyber.com.au
Thu Nov 10 09:30:07 EST 2005
On Thu, 10 Nov 2005 13:35:00 +0100, yepp wrote:
> The Eternal Squire wrote:
>
>>
>> 1) The decrypted modules should only reside in RAM, never in virtual
>> memory. Those RAM locations should be rendered inaccessible to Python
>> code.
>
> I'm starting to understand why FOSS developers are said to be productive
> above the average: they don't have to mess their brains with stuff like
> that.
That's not *quite* true. There are FOSS programs that actually do care
about security. For instance, if you are encrypting data, you don't want
the memory containing the plaintext to be swapped to your swap
partition, where raw disk tools can recover it.
But as a general rule, you're right. If you, the developer, don't have to
think of your users as the enemy, you'd be amazed the amount of make-work
you don't have to do.
--
Steven.
More information about the Python-list
mailing list