How to protect Python source from modification
Bryan Olson
fakeaddress at nowhere.org
Tue Sep 13 16:45:20 EDT 2005
bruno modulix wrote:
> Frank Millman wrote:
>>I am writing a multi-user accounting/business system. Data is stored in
>>a database (PostgreSQL on Linux, SQL Server on Windows). I have written
>>a Python program to run on the client, which uses wxPython as a gui,
>>and connects to the database via TCP/IP.
>>
>>The client program contains all the authentication and business logic.
>>It has dawned on me that anyone can bypass this by modifying the
>>program.
>
> If your program relies on a RDBMS, then it's the RDBMS job to enforce
> security rules.
Don't know enough about Millman's app to comment on it
specifically, but many reasonable server-side applications use a
single log-in to the database, then enforce security in the
application server. Web shopping-carts, for example, generally
work that way.
--
--Bryan
More information about the Python-list
mailing list