7

Let us assume that there is a big, commercial project (a.k.a. Project), which uses Python under the hood to manage plugins for configuring new control surfaces which can be attached and used by Project.

There was a small information leak: some part of Project's Python API leaked to the public, and people were able to write Python scripts which were called by the underlying Python implementation as a part of Project's plugin loading mechanism.

Further on, using the `inspect` module and raw `__dict__` reads, people were able to find out a major part of Project's underlying Python implementation.

Is there a way to keep the Python secret codes secret?

A quick look at Python's documentation revealed a way to suppress an import of the `inspect` module this way:

```python
import sys
sys.modules['inspect'] = None
```

Does it solve the problem completely?

Helbreder
  • 4
    For your last answer I can still do: `del sys.modules['inspect']` :) – mouad Jun 17 '11 at 19:01
  • 3
    Related: http://stackoverflow.com/questions/261638/how-do-i-protect-python-code – Sven Marnach Jun 17 '11 at 19:02
  • 1
    Not possible. _But_ -- take a look at [this answer](http://stackoverflow.com/questions/576963/python-code-obfuscation/577161#577161) which suggests using Cython. Of course anything can be reverse-engineered, but since Cython generates C code which is compiled into machine code, it's probably about as hard to reverse-engineer as anything written in C. – senderle Jun 17 '11 at 19:10
  • 1
    Rather than "keep[ing] the Python secret codes secret", you should be making it so that the Python code doesn't need to be secret to begin with. As suggested in answers to the question linked by Sven, putting the sensitive code in an extension module and utilizing that with the Python scripts would be better than trying to hide code written in a language that isn't designed for hiding. – JAB Jun 17 '11 at 19:12
  • @mouad - aaaahh! :D Clever! :D – Helbreder Jun 17 '11 at 22:08
  • @JAB - to be honest, Project's not mine. I'm rather identifying with people from the opposite side of a barricade, the people who would be more than happy to use the mentioned, fully documented Python API to greatly extend Project's functionality. The question I asked originates from pure curiosity. I wondered why Project's design uses Python to do underlying work. – Helbreder Jun 17 '11 at 22:16
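An added demonstration (not code from the question or from any comment) of why the `sys.modules['inspect'] = None` trick is not a security boundary. The `None` sentinel does make a plain `import inspect` fail, which is the documented behaviour of the import system, but the sentinel lives in the same interpreter as the plugin code, so in-process code can drop it and import the real module, exactly as the `del sys.modules['inspect']` comment notes. The function names below are my own; nothing is specific to the Project in the question.

```python
"""Why a sys.modules sentinel does not hide a module from in-process code."""
import importlib
import sys


def block_module(name: str) -> None:
    """Install the 'blocking' sentinel proposed in the question."""
    sys.modules[name] = None


def import_is_blocked(name: str) -> bool:
    """Return True if a normal import of ``name`` currently fails.

    With ``None`` in sys.modules the import machinery raises
    ModuleNotFoundError (a subclass of ImportError).
    """
    try:
        importlib.import_module(name)
    except ImportError:
        return True
    return False


def unblock_module(name: str) -> None:
    """What any code running in the same interpreter can do: remove the
    sentinel so the next import loads the module from disk again."""
    if sys.modules.get(name, object()) is None:
        del sys.modules[name]


def demo(name: str = "inspect") -> dict:
    """Run one block/unblock cycle and report what each step observed."""
    block_module(name)
    blocked = import_is_blocked(name)          # True: the sentinel works...
    unblock_module(name)
    restored = not import_is_blocked(name)     # ...until someone deletes it
    mod = importlib.import_module(name)
    # The module's attribute dictionary (the raw __dict__ the question
    # mentions) is readable again like that of any other module.
    sees_dict = isinstance(vars(mod), dict) and "getmembers" in vars(mod)
    return {"blocked": blocked, "restored": restored, "sees_dict": sees_dict}


if __name__ == "__main__":
    print(demo())
```

The lesson for a plugin host is that anything enforced by mutable interpreter state (`sys.modules`, `builtins`, `sys.path`) can be undone by the code it is meant to restrain; the only controls that hold are the ones that live outside the interpreter running the plugin.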

4 Answers

12

No, this does not solve the problem. Someone could just rename the inspect module to something else and import it.

What you're trying to do is not possible. The Python interpreter must be able to take your bytecode and execute it. Someone will always be able to decompile the bytecode. They will always be able to produce an AST and view the flow of the code with variable and class names.

Note that this process can also be done with compiled language code; the difference there is that you will get assembly. Some tools can infer C structure from the assembly, but I don't have enough experience with that to comment on the details.

What specific piece of information are you trying to hide? Could you keep the algorithm server side and make your software into a client that touches your web service? Keeping the code on a machine you control is the only way to really keep control over the code. You can't hand someone a locked box, the keys to the box, and prevent them from opening the box when they have to open it in order to run it. This is the same reason DRM does not work.

All that being said, it's still possible to make it hard to reverse engineer, but it will never be impossible when the client has the executable.

Daenyth
8

There is no way to keep your application code an absolute secret.

Frankly, if a group of dedicated and determined hackers (in the good sense, not in the pejorative sense) can crack the PlayStation's code signing security model, then your app doesn't stand a chance. Once you put your app into the hands of someone outside your company, it can be reverse-engineered.

Now, if you want to put some effort into making it harder, you can compile your own embedded Python executable, strip out unnecessary modules, obfuscate the compiled Python bytecode and wrap it up in some malware rootkit that refuses to start your app if a debugger is running.

But you should really think about your business model. If you see the people who are passionate about your product as a threat, if you see those who are willing to put time and effort into customizing your product to personalize their experience as a danger, perhaps you need to re-think your approach to security. Assuming you're not in the DRM business, or have a similar model that involves squeezing money from reluctant consumers, consider developing an approach that involves sharing information with your users, and allowing them to collaboratively improve your product.

ironchefpython
  • The question I asked originated from pure curiosity. Project is not my creation; I am one of the mentioned users. As a matter of fact, I would greatly appreciate a fully documented, public API to extend Project's functionality. As far as I know, there is a business agreement between Project's developers and another company to adapt and integrate a visual, modular scripting language, as a form of expansion pack, which - obviously - does cost a penny. I deliberately do not mention Project's name to respect the developers' interest. – Helbreder Jun 17 '11 at 22:39
4

> Is there a way to keep the Python secret codes secret?

No there is not.

Python is particularly easy to reverse engineer, but other languages, even compiled ones, are easy enough to reverse.

David Heffernan
1

You cannot fully prevent reverse engineering of software - if it comes down to it, one can always analyze the assembler instructions your program consists of.

You can, however, significantly complicate the process, for example by messing with Python internals. However, before jumping to how to do it, I'd suggest you evaluate whether to do it. It's usually harder to "steal" your code (one needs to fully understand it to be able to extend it, after all) than to code it oneself. A pure, unobfuscated Python plugin interface, however, can be vital in creating a whole ecosystem around your program, far outweighing the possible downsides of having someone peek into your maybe not perfectly designed coding internals.

phihag