Mike, thanks for the constructive feedback.Indeed i probably need to patch import in some way. Looks like there is no standard way to get this done. So I guess I have do it myself...
In the famous last words department: how hard can that be? ;-) Paul Mike Meyer wrote: > On Sat, 12 Jan 2008 09:47:26 +1100 Ben Finney <[EMAIL PROTECTED]> wrote: > >> Paul Sijben <[EMAIL PROTECTED]> writes: >>> I know that I can not stop a dedicated hacker deconstructing my code. >> A direct consequence of this is that you can not stop *anyone* from >> deconstructing your code if it's in their possession. It takes only >> one dedicated, skilled person to crack your obfuscation system and >> distribute an automated process for doing so to anyone interested. > > Except that's not what he's trying to do. > >>> However I can not imagine that I would be the first one planning to >>> do this. So is there a solution like this available somewhere? >> Trying to make bits uncopyable and unmodifiable is like trying to make >> water not wet. > > And again, that's not what he's trying to do. He wants to arrange > things so that he doesn't have to support unmodified versions of his > code, by making it impossible to import modified modules. While that's > still impossible, once you decide how difficult you want to make it > for people to do that, you can *probably* make it that difficult - but > the process gets progressively more difficult and expensive as you > make it harder. > > I think he's contemplating only the simplest, least expensive step: > adding an import hook that only allows imports of digitally signed > modules. If planning to deploy on Windows, where he has to bundle a > python with his application, he may well implement the hook in the > interpreter instead of in python, so it's harder to find. > > If you wanted to go to the expense, you could probably arrange things > so that the digital signatures are the more vulnerable attack vectors, > but I'd expect to spend millions of dollars doing so. > > <mike -- http://mail.python.org/mailman/listinfo/python-list
