Prevent Modification of Script?
ts-dev
time.swift at gmail.com
Wed Apr 4 23:19:37 EDT 2007
On Apr 4, 6:10 pm, Michael Ekstrand <use... at elehack.net> wrote:
> One significant factor: are you worried about other
> users on your systems (or other users who share systems with you under a
> third party's control), or are you worried about what people will do on
> their own systems?
Michael, Ben & others:
The short answer is others on a shared system, or malware that could
modify the scripts.
I'm new to python programming and there are just some paradigms I'm
having trouble grasping.
If the scripts can be modified (very easily), how can the application
be trusted?
i.e. If its an address book, then it would be trivial for malware to
modify the script to override data or send it somewhere else...
It would also seem like it makes user authentication through a
password/ username, or encryption useless. The script could easily be
modified to by-pass authentication and encryption could be disabled.
Please correct any wrong assumptions that I might be making..
In a compiled application its not impossible to by pass the code.. but
its not so easy. Perhaps this is just a side-effect of being a
scripted language - not a flaw, just me trying to use it for something
its not well suited for.
- Kiel
More information about the Python-list
mailing list