How to protect Python source from modification
bruno modulix
onurb at xiludom.gro
Mon Sep 12 12:22:12 EDT 2005
Frank Millman wrote:
> Hi all
>
> I am writing a multi-user accounting/business system. Data is stored in
> a database (PostgreSQL on Linux, SQL Server on Windows). I have written
> a Python program to run on the client, which uses wxPython as a gui,
> and connects to the database via TCP/IP.
>
> The client program contains all the authentication and business logic.
> It has dawned on me that anyone can bypass this by modifying the
> program.
If your program relies on a RDBMS, then it's the RDBMS job to enforce
security rules.
> As it is written in Python, with source available, this would
> be quite easy.
Then there's probably something wrong with the way you manage security.
NB: splitting business logic from the GUI is still a good idea anyway.
--
bruno desthuilliers - unpythonic sig:
python -c "print '@'.join(['.'.join([w[::-1] for w in p.split('.')]) for
p in 'onurb at xiludom.gro'.split('@')])"
More information about the Python-list
mailing list