[Tutor] login window using Tk
Steven D'Aprano
steve at pearwood.info
Thu Nov 3 00:46:04 CET 2011
On Wed, 2 Nov 2011 11:54:17 am Alan Gauld wrote:
> On 01/11/11 21:15, Joel Montes de Oca wrote:
> > Question, once the code is compiled to a binary, can someone
> > inject code to cause the hidden window to show, skipping the
> > login altogether?
>
> In general you don't compile Python to a binary, although tools
> exist that give a good approximation to that. But to inject code
> would need access to the source files
A sufficiently clever byte-code hacker can insert byte-code straight
into the .pyc file, given write permission to the files -- or an
exploit that allows writing to a file.
Since people can modify machine code executables (that's how most
viruses work, and cracked applications), modifying byte-code is
unlikely to give them any trouble.
Here's a proof-of-concept virus that does exactly that:
http://www.symantec.com/connect/blogs/python-has-venom
--
Steven D'Aprano
More information about the Tutor
mailing list