Terje Johan Abrahamsen wrote: >>If your program can access these details, then a suficiently >>determined attacker can access them too, regardless of what you do. > > > Yes, I assume so. Luckily it is not national secrets we are trying to > hide. But, how does py2exe compare with for example a program written > in a compiled language like C++? Is it easier to find the info in a > py2exe .exe than a c++ compiled c++? >
Its not the exe file you need to be concerned about, its the pyc files that are created with it. I imagine the strings will be in plain text form, just like compiled C++. As others have pointed out, it would be impossible to prevent an attacker from discovering information inside the app. The best you can do is obfuscate the strings somehow and 'un-obfuscate' them when the app runs. That way they at least wont be obvious. Take a look at my signature for an example! Will McGugan -- http://www.willmcgugan.com "".join( [ {'*':'@','^':'.'}.get(c,None) or chr(97+(ord(c)-84)%26) for c in "jvyy*jvyyzpthtna^pbz" ] ) -- http://mail.python.org/mailman/listinfo/python-list
