1

I try to make my code modular because it's too long, the problem is I don't know whether i'm doing it safely. I segmented my code into different files, so 1 python file runs the others, sometimes I have to call 1 file that will run another file that will run another file, so multiple chained commands.

The issue is that some of the files will process sensitive information like passwords, so I don't know whether I do it safely. Ideally after 1 file is executed, it should close itself, and delete all variables from it's memory, and free that space, like it normally would as if I were to just execute 1 file, the problem is that I don't know whether if I call multiple files nested into one another, this applies. Obviously only the file that is executed should clear itself, not the one that is active, but I don't know if this is the case.

I have been calling my modules like this

os.system('python3 ' + filename)

And in each file subsequently the same code calling another file with os.system, forming a nested or chained call system.

For example if I call the first file from shell:

python3 file1.py

and then file1 calls:

os.system('python3 file2.py')

and then file2 calls:

os.system('python3 file3.py')

I would want file3 cleaned from the memory and closed entirely after it runs, whereas file2 and file1 might still be active. I don't want file3 to be still inside the memory after it executed itself. So if file3 works with passwords, it should obviously clean them from the memory after it runs.

How to do this?

I have read about multiple options:

from subprocess import call
call(["python3", "file2.py"])

import subprocess
subprocess.call("file2.py", shell=True)

execfile('file2.py')

import subprocess
subprocess.Popen("file2.py", shell=True)

Which one is safer?

zamir
  • 2,144
  • 1
  • 11
  • 23
johnyboy325
  • 115
  • 9
  • 1
    a safer option is a bit of reformatting so you can actually import files and run them. perhaps turn some of those intermediate files into functions, modularity and temp variables handled automatically! call them from some kind of main script. – Paritosh Singh Jun 04 '19 at 12:47
  • It may be better to just have a shell script which runs all the python files with appropriate commands. If you have sensitive information like passwords you should consider encrypting it. One way is to encrypt a file with password information and have a decryption function ready. So whenever a password is used, you read it from the file, decrypt it and use it. The variable shouldn't be printed anywhere and you can clear it from memory using **del** command. – Harsha Reddy Jun 04 '19 at 13:43

1 Answers1

1

Python is heavily relying on the notion of importation. You should not try to reinvent the wheel on this one. Just import your scripts from the main script and use functions to trigger them. If you want to be sure variables are discarded you should include a del statement at the end of the functions or as soon as the variable is no longer in use.

On another hand, your problem with password is flawed from the start. If a .py file contains a password in plain text it's not, it will never be, in no scenario, secured. You should implement a secret : see this topic : I need to securely store a username and password in Python, what are my options?

Vincent Chalmel
  • 590
  • 1
  • 6
  • 28