Freeze/Source Code Question?
Tim Peters
tim_one at email.msn.com
Fri May 5 03:12:58 EDT 2000
[David Lees]
> I am taking an initial look at Python (total novice) and am puzzled
> about the existence of Freeze. If you do not wish to show your source
> code to the world, I gather the byte code in the form of *.pyc files can
> be executed.
Disguising source is not the purpose of freeze tools.
> If the Freeze stuff, just embeds the byte code into a C program
> (interpreter?) what is the difference from the viewpoint of
> hiding the code?
None.
> I assume the C might be easier to run, because everything is in one
> executable,
Bingo. It's a convenience for the end user.
> but is the byte code still not easily viewed with an octal or hex
> dump, just as in the .pyc files?
The standard library module "dis" supplies a symbolic disassembler for
Python bytecode -- no need for binary dumps.
> Are there really good decompilers that translate byte code into source
> for Python, so that nothing is really hidden?
"dis" is a start, and others have built fancier disassemblers on top of it.
I don't know what "really good" means to you. Certainly good enough to
extract whatever it is you hope to hide, but see below.
> If so, is it really much different that Java or Visual Basic, where
> presumably the same thing can be done?
Very different: Python code works <wink>.
BTW, if you think you're more secure distributing, for example, compiled C
or Fortran code in binary form, you're mistaken: if my machine can execute
it, I can trace the machine instructions, and they tell me everything your
program does as well as how it does it. Python bytecode is less work to
decipher, but a reasonably talented hacker can effectively "reverse compile"
anything.
hence-the-restriction-against-doing-that-in-all-the-software-licenses-
you-accept-without-reading<wink>-ly y'rs - tim
More information about the Python-list
mailing list