1

in python,can i load a module from remote server to local? what i do this is want to protect my source code. what should i do ,thanks

alwx
  • 179
  • 2
  • 9
  • 3
    are you sure this will protect your source code? To be imported it must be read anyway... – neurino Mar 29 '11 at 09:15
  • possible duplicate of [Importing module from network](http://stackoverflow.com/questions/4710588/importing-module-from-network) – Ignacio Vazquez-Abrams Mar 29 '11 at 09:38
  • You are asking two different questions in one topic, or you are oferring a solution for your question, that both are wrong I think, and makes topic mixed up. (I dont give -1 for that, just a reminder) – saeedgnu Mar 29 '11 at 11:29

3 Answers3

2

it can be done via python import hooks. see knockout for an implementation that you can either use directly or as a starting point to add further code-protection logic

user237419
  • 8,829
  • 4
  • 31
  • 38
  • Nice... and what about `wget http://www.crummy.com/software/BeautifulSoup/download/3.x/BeautifulSoup-3.0.8/BeautifulSoup.py` ^^ from this point of view I can't see no difference in _protecting_ source locally... – neurino Mar 29 '11 at 09:18
  • as i said, it can be either used directly or modified to enhance code protection, i have no idea what protection level alwx needs; not saving the source code on the file system may be a good initial protection level he could go from there on ;) – user237419 Mar 29 '11 at 09:30
  • you can second-start by directly loading bytecode; compile BeautifulSoup.py on crummy.com and load the .pyc from the hooks. not that one can't disassemble ... :-P – user237419 Mar 29 '11 at 09:34
  • and what about embedding .pyc file directly? As I said I see no difference, except I don't risk the app won't start when server is down... – neurino Mar 29 '11 at 09:42
  • @neurino: chicken and egg :) we're talking scenarios now. embedding pyc directly ... well, the Q was about loading the mods remotely; you probably want to suck code updates on imports, if you maintain a centralized module repository; server down ... use failovers; – user237419 Mar 29 '11 at 09:46
  • @neurino: but I feel you, using import hooks for loading modules remotely may be just unneeded extra sugar in most of the cases; for some may be useful if they know what they're doing – user237419 Mar 29 '11 at 09:49
  • @adirau: the question was loading mods remotely **to protect source** ;) so having remote or local .pyc files offers same (low) level of protection to that matter. Anyway I'm not into the main idea, not your answer that helps to implement it, I did not downvote your answer. – neurino Mar 29 '11 at 09:51
  • To protect source, you could import your code from an encoded stream (a TLS connection, for instance). You also will need to fully control the interpreter (e.g. have it built into your compiled app) so that it won't run under debugger, and also protect the decoding means (e.g. an SSL certificate). This will thwart simpler attacks (like tcpdump), but is perfectly breakable anyway. – 9000 Mar 29 '11 at 10:31
  • @neurino: we may be talking semantics now; is he trying to protect the source by hosting the modules remotely or is he trying to transfer and execute the code in a protected manner? but I hear you and I accept your observations – user237419 Mar 29 '11 at 10:39
1

A bit off topic but if source protection is what you need C-compile your python source with cython and distribute .pyd files.

You'll have to:

  1. adapt your source to be cython compilant (not all code can be converted)
  2. precompile .pyd files for platforms you want to support (Windows, Ubuntu, Fedora etc...)
neurino
  • 11,500
  • 2
  • 40
  • 63
  • kinda hard to maintain; thinking about generating machinecode for all the needed platforms and operating systems; and I would expect some troubles running these on a default python install – user237419 Mar 29 '11 at 09:52
  • I added notes list right for that reason, anyway are the same steps you have to do if you need performances cython offers and want to distribute precompiled packages, Windows above all, so it's not an uncommon situation. – neurino Mar 29 '11 at 09:57
0

Yes, you can import your code in creative ways.

No, it will not protect the code from being seen. Rethink your strategy, not tactics.

9000
  • 39,899
  • 9
  • 66
  • 104